b"00064-FDIC-cover final.qxd   12/6/06   5:11 PM   Page 2\n\n\n\n\n                                                            OFFICE OF INSPECTOR GENERAL\n\n\n\n\n                                                           Semiannual Report to the\n\n                                                          CONGRESS\n                                                            April 1, 2006 \xe2\x80\x93 September 30, 2006\n\n\n\n\n                                                          INCLUDING THE OFFICE OF INSPECTOR GENERAL'S\n                                                             PERFORMANCE REPORT FOR FISCAL YEAR 2006\n\x0c00064-FDIC-cover final.qxd   12/6/06    5:11 PM   Page 3\n\n\n\n\n                                          The Federal Deposit Insurance Corporation\n                                        (FDIC) is an independent agency created by the\n                                        Congress to maintain stability and confidence in\n                                        the nation\xe2\x80\x99s banking system by insuring deposits,\n                                        examining and supervising financial institutions,\n                                          and managing receiverships. Approximately\n                                       4,560 individuals within seven specialized operat-\n                                       ing divisions and other offices carry out the FDIC\n                                         mission throughout the country. According to\n                                           most current FDIC data, the FDIC insured\n                                        $6.447 trillion in deposits for 8,790 institutions,\n                                       of which the FDIC supervised 5,241. The Corpo-\n                                         ration held insurance funds of $49.6 billion to\n                                                ensure depositors are safeguarded.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page i\n\n\n\n\n                                                          OFFICE OF INSPECTOR GENERAL\n\n\n\n\n                                                         Semiannual Report to the\n\n                                                        CONGRESS\n                                                          April 1, 2006 \xe2\x80\x93 September 30, 2006\n\n\n\n\n                                                        INCLUDING THE OFFICE OF INSPECTOR GENERAL'S\n                                                           PERFORMANCE REPORT FOR FISCAL YEAR 2006\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page ii\n\x0cInspector General\xe2\x80\x99s\nStatement\n\n\n\n\nI am pleased to provide this semiannual        mation security program in accordance\nreport on the activities and accomplish-       with the Federal Information Security\nments of the Office of Inspector               Management Act of 2002 and highlighted\nGeneral (OIG) from April 1, 2006 to            steps that the Corporation could take to\nSeptember 30, 2006. The audits, evalua-        enhance the security of its information\ntions, investigations, and other activities    resources.\nhighlighted in this report illustrate the\nFDIC OIG\xe2\x80\x99s on-going commitment to              Of special note on the investigations\npromoting efficiency, effectiveness, and       front, among other successful cases, we\nintegrity and helping the Corporation          report that as a result of OIG investigative\nsuccessfully achieve its honorable mission     work in partnership with the U.S. Attor-\nof maintaining stability and public confi-     ney\xe2\x80\x99s Office for the Southern District of\ndence in the nation\xe2\x80\x99s banking system.          Florida, in July 2006, the former chair-\nOur Fiscal Year 2006 Performance Report        man of the board and chief executive offi-\nis also included as part of this semiannual    cer of Hamilton Bank was sentenced to\nreport to show our progress in meeting         30 years of incarceration and 36 months\nannual performance goals.                      of supervised release. He had earlier been\n                                               convicted on all 16 charges of making\nOver the past 6 months, our office             false filings to the Securities and Exchange\nissued 15 audit and evaluation reports.        Commission and to bank examiners,\nWe closed 21 investigations, with over         making false statements, wire fraud, bank\n$27 million in total fines, restitution,       fraud, securities fraud, obstruction of\nand potential monetary recoveries. As          a bank examination, and conspiracy.\ndiscussed in more detail in this report, our   Most recently, he, along with two other\naudit and evaluation work, in particular,      convicted Hamilton Bank officers, was\nreviewed and made recommendations              ordered to pay $32 million in total\nrelated to: the FDIC reserve ratio and         restitution for bank and securities fraud,\nassessment determinations, industrial loan     $16 million of which is payable to the\ncompanies, predatory lending, protection       FDIC.\nof personally identifiable information,\nconsumer rights issues, FDIC contract          We intend to continue to address issues of\nadministration, and corporate emergency        such significance to the Corporation, the\nresponse plans. We also issued a compre-       Congress, the financial services industry,\nhensive report on the Corporation\xe2\x80\x99s infor-     and the American people. We have just\n                                                                                              iii\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page iv\n\n\n\n\n            iv                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      issued our Fiscal Year 2007 Business Plan,          of the Audit Committee, Martin Gruenberg,\n                      outlining a series of audits, evaluations,          during my first months on the job. As my\n                      investigative activities, internal operational      office carries out its independent oversight\n                      improvement projects, and other initiatives         role, I anticipate continuing a cooperative\n                      that we will undertake in the coming year.          and productive working relationship with\n                      Included in that plan is a newly articulated        them and others at the FDIC.\n                      vision statement that I firmly believe in and\n                      that will serve to inspire all OIG staff in their   In closing, I express my gratitude to Patricia\n                      daily work: The OIG is a quality-focused            M. Black, Deputy Inspector General, for her\n                      FDIC team that promotes excellence and trust        leadership as Acting Inspector General prior\n                      in service to the Corporation and the public        to my appointment. I also thank the OIG\n                      interest.                                           Executive team and staff for their helpful\n                                                                          assistance as I began my tenure as Inspector\n                      I was sworn in as Inspector General of the          General. I look forward to working with the\n                      FDIC on July 5, 2006. I have greatly appre-         Congress, the Corporation, and other mem-\n                      ciated the support of FDIC Chairman Sheila          bers of the Inspector General community as\n                      Bair and the FDIC Vice Chairman and Chair           we address the challenges ahead.\n\n\n\n\n                                                                           Jon T. Rymer\n                                                                           Inspector General\n\x0c0064-FDIC_FDIC text .qxd      12/6/06      5:07 PM       Page v\n\n\n\n\n               Table of Contents\n\n\n\n\n              Inspector General\xe2\x80\x99s Statement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .iii\n              Highlights and Outcomes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1\n\n\n              STRATEGIC GOAL AREAS\n\n                     Supervision: Assist the FDIC to Ensure the Nation\xe2\x80\x99s\n                                  Banks Operate Safely and Soundly . . . . . . . . . . . . . . . . . . . . . . . . . .5\n\n                     Insurance: Help the FDIC Maintain the Viability of the\n                                Insurance Funds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15\n\n                     Consumer Protection: Assist the FDIC to Protect Consumer\n                                          Rights and Ensure Community Reinvestment . . . . . . . . .19\n\n                     Receivership Management: Help Ensure that the FDIC is Ready to\n                                              Resolve Failed Banks and Effectively\n                                              Manages Receiverships . . . . . . . . . . . . . . . . . . . . . .27\n\n                     Resources Management: Promote Sound Governance and Effective\n                                           Stewardship of Financial, Human, Information\n                                           Technology, and Procurement Resources . . . . . . . . . . .29\n\n                     OIG Internal Processes: Continuously Enhance the OIG\xe2\x80\x99s Business\n                                             and Management Processes . . . . . . . . . . . . . . . . . . . . .35\n\n              Cumulative Results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39\n\n              Fiscal Year 2006 Performance Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41\n\n              Reporting Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47\n\n              Information Required by the Inspector General Act of 1978, as amended . . . . . . . . . . .49\n\n              Abbreviations and Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57\n\n                                                                                                                                           v\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page vi\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 1\n\n\n\n\n               Highlights and Outcomes\n\n\n\n\n              The OIG\xe2\x80\x99s 2006 Business Plan contains five strategic goals that are closely linked to the\n              FDIC\xe2\x80\x99s mission, programs, and activities, and one that focuses on the OIG\xe2\x80\x99s internal\n              business and management processes. These highlights show our progress in meeting\n              these goals during the reporting period. A more in-depth discussion of OIG audits,\n              evaluations, investigations, and other activities in pursuit of these goals follows.\n\n\n              S T R AT E G I C G O A L 1\n              SUPERVISION: Assist the FDIC to Ensure the Nation\xe2\x80\x99s Banks\n                           Operate Safely and Soundly\n\n              Achieving this goal is largely dependent on investigative success in combating financial\n              institution fraud, and we made excellent progress in this area. As a result of coopera-\n              tive efforts with Assistant U.S. Attorneys from around the country, numerous individu-\n              als were prosecuted for financial institution fraud during the reporting period. The\n              former chairman of the board and chief executive officer of Hamilton Bank was sen-\n              tenced to 30 years of incarceration and 36 months of supervised release. He had earlier\n              been convicted on all 16 charges of making false filings to the Securities and Exchange\n              Commission and to bank examiners, making false statements, wire fraud, bank fraud,\n              securities fraud, obstruction of a bank examination, and conspiracy. The former\n              Hamilton Bank president and the former chief financial officer also received stiff sen-\n              tences for their roles in the fraud. In another case, the former president of the First\n              National Bank of Blanchardville, Wisconsin, was sentenced to 108 months\xe2\x80\x99 incarcera-\n              tion to be followed by 5 years of supervised release and was ordered to pay $13.4 mil-\n              lion in restitution to the FDIC. We were also successful in obtaining three guilty pleas\n              from businessmen involved in an $8 million real estate land flip scheme and another\n              guilty plea from a mortgage broker for mortgage fraud. Multiple other guilty pleas,\n              indictments, and sentencings of former bank officers, directors, and bank customers\n              contributed to successful OIG results in this goal area. (See pages 5-14.)\n\n\n\n\n                                                                                                          1\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 2\n\n\n\n\n            2                                     SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      S T R AT E G I C G O A L 2\n                      INSURANCE: Help the FDIC Maintain the Viability\n                                 of the Insurance Funds\n                      Two major audit assignments focused on helping to maintain the viability of the insurance\n                      funds. We issued a report on the FDIC\xe2\x80\x99s reserve ratio and assessments determination process,\n                      recommending that the Corporation periodically validate key assumptions, estimates, or\n                      other components that factor into the calculation of the reserve ratio. Importantly, in con-\n                      nection with corporate governance practices, we recommended improved communication of\n                      information relevant to assessment determinations and other corporate matters and activities\n                      to the FDIC Board of Directors. In another report on the industrial loan company insurance\n                      application process, we made six recommendations to strengthen that process and subsequent\n                      monitoring of conditions imposed on industrial loan companies and business processes.\n                      (See pages 15-18.)\n\n\n                      S T R AT E G I C G O A L 3\n                      CONSUMER PROTECTION: Assist the FDIC to Protect Consumer Rights\n                                           and Ensure Community Reinvestment\n                      Audits and investigations contributed to the FDIC\xe2\x80\x99s protection of consumers in multiple\n                      ways. We issued a report on the challenges faced by the FDIC and the efforts taken to iden-\n                      tify, assess, and address risks posed to FDIC institutions and consumers from predatory\n                      lending practices. We issued reports and made several recommendations to ensure better\n                      protection of sensitive customer information. One report related to the risks of financial\n                      institutions\xe2\x80\x99 increased outsourcing of software development and maintenance, data process-\n                      ing, and other information technology services to technology service providers and the\n                      FDIC\xe2\x80\x99s related examination coverage. Another audit examined the Division of Resolutions\n                      and Receiverships\xe2\x80\x99 protection of bank employee and customer personally identifiable infor-\n                      mation. From a compliance standpoint, we assessed examiner use of Home Mortgage Disclo-\n                      sure Act data to identify and assess instances of potential discrimination in FDIC-supervised\n                      institutions and recommended strengthening examiner guidance. We also identified needed\n                      improvements in the FDIC\xe2\x80\x99s process for addressing the violations and deficiencies reported in\n                      compliance examinations. To help protect consumers, our Electronic Crimes Unit responded\n                      to phishing schemes where the FDIC and OIG Web sites were misused to entice consumers\n                      to divulge personal information. We successfully shut down several Web sites used for such\n                      purposes during the period. (See pages 19-26.)\n\n\n                      S T R AT E G I C G O A L 4\n                      RECEIVERSHIP MANAGEMENT: Help Ensure that the FDIC is Ready to\n                                               Resolve Failed Banks and Effectively\n                                               Manages Receiverships\n                      We continued to pursue concealment of assets investigations related to the more than\n                      $1.7 billion in criminal restitution that the FDIC is owed. We continued coordination\n                      with the Division of Resolutions and Receiverships, the Legal Division, and the Depart-\n                      ment of Justice on such cases. We also began to strategize approaches for OIG work related\n                      to potential large bank failures. (See pages 27-28.)\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 3\n\n\n\n\n                                     SEMIANNUAL REPORT TO THE CONGRESS                                       3\n\n\n          S T R AT E G I C G O A L 5\n          RESOURCES MANAGEMENT: Promote Sound Governance and Effective\n                                Stewardship of Financial, Human, IT, and\n                                Procurement Resources\n          We issued a number of audit and evaluation reports resulting in positive benefits to the\n          FDIC. Our Federal Information Security Management Act-related work reported that the FDIC\n          had made significant progress over the last several years but continued attention was needed in\n          such areas as enterprise architecture, configuration management, access controls, and audit and\n          accountability controls. Other reports addressed strengthening the Corporation\xe2\x80\x99s emergency\n          response policy and the maintenance, communication, and content of emergency response plans;\n          and enhancing controls over the disposal of sensitive FDIC information. We also made a series\n          of recommendations to help ensure an efficient, effective, and accountable FDIC contract\n          administration process and better position the Corporation to control costs, meet scheduled\n          timeframes, and ensure contractor performance. (See pages 29-34.)\n\n\n          S T R AT E G I C G O A L 6\n          OIG INTERNAL PROCESSES: Continuously Enhance the OIG\xe2\x80\x99s Business and\n                                  Management Processes\n          We continued to focus on strategically planning OIG work, resulting in formulating our Fis-\n          cal Year 2007 Business Plan, which combines our strategic plan and performance plan and\n          includes our Audit and Evaluation Plan, infrastructure improvement projects, and other ini-\n          tiatives. These plans unify, guide, and integrate OIG activities in pursuit of our six strategic\n          goals. We promoted effective stakeholder relationships and information-sharing by way of\n          OIG Executive meetings with FDIC Executives; presentations at FDIC Audit Committee\n          meetings; Congressional interaction; and coordination with financial regulatory OIGs, other\n          members of the Inspector General community, and the Government Accountability Office.\n          We reviewed and/or commented on six proposed corporate policies (e.g., protection of pri-\n          vacy information, the FDIC\xe2\x80\x99s software configuration management program, and enterprise\n          risk management) and two draft legislative documents and regulations. We focused on con-\n          tinuously enhancing the OIG\xe2\x80\x99s business and management processes by strengthening the\n          OIG\xe2\x80\x99s human capital practices, taking steps to better ensure the quality of OIG activities and\n          products, and investing in cost-effective and secure information technology to improve per-\n          formance and productivity. (See pages 35-38.)\n\x0c0064-FDIC_FDIC text .qxd    12/6/06     5:07 PM   Page 4\n\n\n\n\n            4                                        SEMIANNUAL REPORT TO THE CONGRESS\n\n\n\n                                                     SIGNIFICANT OUTCOMES\n                                                            (April 2006 \xe2\x80\x93 September 2006)\n\n\n                           Audit and Evaluation Reports Issued                                              15\n\n                           Nonmonetary Recommendations                                                      48\n\n                           Investigations Opened                                                            29\n\n                           Investigations Closed                                                            21\n\n                           OIG Subpoenas Issued                                                             18\n\n\n\n                           JUDICIAL ACTIONS:\n\n                                Indictments/Informations                                                    11\n\n                                Convictions                                                                 11\n\n                           Arrests                                                                          20\n\n\n\n                           OIG INVESTIGATIONS RESULTED IN:\n\n                                Fines of                                                               $15,500\n\n                                Restitution of                                                      $24,338,740\n\n                                Other Monetary Recoveries                                            $2,842,678\n\n                                Total                                                               $27,196,918\n\n                           Cases Referred to the Department of Justice (U.S. Attorney)                      19\n\n                           Cases Referred to FDIC Management                                                 1\n\n                           OIG Cases Conducted Jointly with Other Agencies                                  90\n\n                           Hotline Allegations Referred                                                     59\n\n                           Proposed Regulations and Legislation Reviewed                                     2\n\n                           Proposed FDIC Policies Reviewed                                                   6\n                           Responses to Requests and Appeals under the Freedom of Information Act            6\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 5\n\n\n\n\n               S T R AT E G I C G O A L 1\n               Supervision\n               Assist the FDIC to Ensure the\n               Nation\xe2\x80\x99s Banks Operate Safely\n               and Soundly\n\n\n\n\n              Bank supervision is at the core of the FDIC\xe2\x80\x99s efforts to ensure stability and public con-\n              fidence in the nation\xe2\x80\x99s financial system. The FDIC is the primary federal regulator for\n              5,241 FDIC-insured, state-chartered institutions that are not members of the Federal\n              Reserve System (generally referred to as \xe2\x80\x9cstate non-member\xe2\x80\x9d institutions). The Depart-\n              ment of the Treasury (the Office of the Comptroller of the Currency and the Office of\n              Thrift Supervision) or the Federal Reserve Board supervise other banks or thrifts,\n              depending on the institution\xe2\x80\x99s charter.\n              Key to effective supervision is a strong examination program. The FDIC performs\n              safety and soundness, information technology (IT), trust, and other types of specialty\n              examinations of FDIC-supervised insured depository institutions. The majority of\n              the states participate with the FDIC in an examination program under which certain\n              examinations are performed on an alternating basis by the state regulators and the\n              FDIC. The Corporation also has back-up examination authority for national banks,\n              state-chartered banks that are members of the Federal Reserve System, and savings asso-\n              ciations, all in the interest of protecting the deposit insurance fund. The examinations\n              are conducted to assess an institution\xe2\x80\x99s overall financial condition, management prac-\n              tices and policies, and compliance with applicable laws and regulations.\n              The banking industry has been marked by consolidation, the impact of globalization,\n              and the development of increasingly complex investment strategies available to banks.\n              This has led bank regulators, both domestically and internationally, to devise new stan-\n              dards for bank capital requirements commonly referred to as Basel IA and Basel II.\n              The FDIC has been engaged with other bank regulators in developing new standards\n              and assessing the potential impact on bank safety and soundness.\n              In addition, the FDIC is faced with developing and implementing programs to mini-\n              mize the extent to which the institutions it supervises are involved in or victims of\n              financial crimes and other abuse. Bank governance practices are important safeguards\n              against fraud and other abuses, and the FDIC has issued guidance to banks about gov-\n              ernance expectations, including adherence to requirements in the Sarbanes-Oxley Act\n              for publicly traded financial institutions. In its role as supervisor, the FDIC also ana-\n              lyzes data security threats, occurrences of bank security breaches, and incidents of\n              electronic crime that involve financial institutions. As part of safety and soundness\n              examinations, the FDIC also ensures that the institutions comply with regulatory\n              reporting requirements of the Bank Secrecy Act.                                             5\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 6\n\n\n\n\n            6                                     SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      As more and more laws are passed, and new regulations are adopted to implement those laws,\n                      policy makers and regulators have worked to ensure that the intended benefits justify the con-\n                      siderable costs. Pursuant to the Economic Growth and Regulatory Reduction Act of 1996,\n                      the FDIC and other bank regulators have been reviewing regulations in order to identify out-\n                      dated or otherwise unnecessary regulatory requirements imposed on insured depository insti-\n                      tutions. Of note as we were going to press with this semiannual report, the President had\n                      signed S.2856, the Financial Services Regulatory Relief Act. Among other provisions, this act\n                      includes an increase from $250 million to $500 million on the asset size for eligibility for an\n                      18-month examination cycle; permission for banks, thrifts, and credit unions to use new\n                      lending and investment authority; and other changes allowing financial institutions to\n                      improve the efficiency of their operations.\n                      The OIG\xe2\x80\x99s role under this strategic goal is conducting audits and evaluations that review the\n                      effectiveness of various FDIC programs aimed at providing continued stability to the nation\xe2\x80\x99s\n                      banks. The OIG also conducts investigations of fraud at FDIC-supervised institutions; fraud\n                      by bank officers, directors, or other insiders; obstruction of bank examinations; fraud leading\n                      to the failure of an institution; fraud impacting multiple institutions; and fraud involving\n                      monetary losses that could significantly impact the institution.\n                      To assist the FDIC to ensure the nation\xe2\x80\x99s banks operate safely and soundly, the OIG\xe2\x80\x99s 2006\n                      performance goals were as follows:\n                            \xe2\x96\xa0   Evaluate the effectiveness of the FDIC\xe2\x80\x99s supervision program, and\n                            \xe2\x96\xa0   Evaluate and assist FDIC efforts to detect and prevent bank secrecy violations, fraud,\n                                and financial crimes in FDIC-insured institutions.\n\n\n                      OIG Work in Support of Goal 1\n                      The OIG\xe2\x80\x99s Office of Investigations is a driving force in combating fraud that occurs at or\n                      impacts financial institutions. The perpetrators of such crimes can be those very individuals\n                      entrusted with governance responsibilities at the institutions\xe2\x80\x93directors and bank officers. In\n                      other cases, individuals providing professional services to the banks, others working inside the\n                      bank, and customers themselves are principals in fraudulent schemes. The intentional denial\n                      of accurate information to bank examiners undermines the integrity of the examination\n                      process. The OIG defends the vitality of the examination process by investigating allegations\n                      of criminal obstruction of bank examinations, often associated with fraudulent activities, and\n                      by working with U.S. Attorneys\xe2\x80\x99 Offices to bring these cases to justice.\n                      The following cases from the reporting period are illustrative of the OIG\xe2\x80\x99s success in pursuing\n                      Strategic Goal 1 during the reporting period.\n\n                      Sentencing of Former Hamilton Bank Officers for $20 Million Bank Fraud\n                      On July 26, 2006, the former chairman of the board and chief executive officer, Hamilton Bank\n                      (Hamilton), and Hamilton Bancorp, Hamilton\xe2\x80\x99s bank holding company, Miami, Florida, was\n                      sentenced in the U.S. District Court for the Southern District of Florida to 30 years\xe2\x80\x99 incarcera-\n                      tion and 36 months of supervised release. The defendant was immediately remanded to the cus-\n                      tody of the Attorney General.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 7\n\n\n\n\n                                     SEMIANNUAL REPORT TO THE CONGRESS                                             7\n\n\n          After a month-long trial, the former chairman of the board was convicted on all 16 charges of\n          making false filings to the Securities and Exchange Commission (SEC) and to bank examin-\n          ers, making false statements, wire fraud, bank fraud, securities fraud, obstruction of a bank\n          examination, and conspiracy.\n          On July 27, 2006, sentencing hearings were held for the former Hamilton president, and the\n          former Hamilton chief financial officer, both of whom pleaded guilty before trial and cooper-\n          ated with the government during the investigation.\n          The former president was sentenced to 28 months\xe2\x80\x99 incarceration, 24 months of supervised\n          release, and was fined $10,000. He previously pleaded guilty to two counts of securities\n          fraud. The former chief financial officer was sentenced to 28 months\xe2\x80\x99 incarceration to be fol-\n          lowed by 24 months of supervised release as a result of his earlier guilty plea to one count of\n          securities fraud and one count of obstruction of a formal agency proceeding. Both men were\n          ordered to surrender to the United States Marshal\xe2\x80\x99s Service on October 27, 2006.\n          The defendants participated in a fraudulent scheme whereby they falsely inflated the results\n          of operations, earnings, and financial condition of Hamilton Bancorp in the Securities and\n          Exchange Commission filings; obstructed the Office of the Comptroller of the Currency\xe2\x80\x99s\n          (OCC) examination of Hamilton Bank; and lied to the investing public, the bank and securi-\n          ties regulators, and their accountants regarding the true financial health of Hamilton Bancorp\n          and Hamilton Bank. In 1998 and 1999, the three defendants engaged in swap transactions\n          (or \xe2\x80\x9cadjusted price trades\xe2\x80\x9d) to hide Hamilton Bank\xe2\x80\x99s losses on certain loans, including more\n          than $22 million in losses in 1998, and falsely accounted for the transactions to make it\n          appear that no losses had been incurred. While the defendants falsely reported the nature\n          of the swap transactions to the investing public and the regulators, the indictment cited\n          recorded conversations in which the defendants openly discussed the transactions as swaps.\n          During 1998, Hamilton Bancorp had a market capitalization of more than $300 million.\n          Hamilton Bank was South Florida\xe2\x80\x99s highest profile trade finance bank before it ran into trou-\n          ble with its regulator, the OCC, over the questionable loan swaps that allowed the bank to\n          hide $22 million in losses in 1998. The OCC closed the bank in January 2002 and the\n          FDIC took on liquidation responsibilities as receiver.\n                                                 Investigation conducted by the FDIC OIG; prosecuted by the\n                                                    U.S. Attorney\xe2\x80\x99s Office for the Southern District of Florida.\n\n          Former President of the First National Bank of Blanchardville Sentenced to\n          9 Years\xe2\x80\x99 Incarceration and Ordered to Pay $13 Million in Restitution to the\n          FDIC\n          On July 21, 2006, the former president of the First National Bank of Blanchardville (FNBB),\n          Blanchardville, Wisconsin, was sentenced in U.S. District Court for the Western District of\n          Wisconsin. The defendant was sentenced to 108 months\xe2\x80\x99 incarceration, to be followed by\n          5 years of supervised release. In addition, the defendant was ordered to pay $13.4 million in\n          restitution to the FDIC. The defendant earlier pleaded guilty to one count of bank fraud.\n          On May 9, 2003, FNBB was declared insolvent by the OCC and the FDIC was appointed\n          receiver for the failed institution.\n          As part of his earlier plea statement to the court, the defendant admitted that he devised a\n          scheme to defraud FNBB of his honest services that caused the bank to fail. Specifically, the\n          scheme to defraud involved:\n\x0c0064-FDIC_FDIC text .qxd   12/6/06     5:07 PM   Page 8\n\n\n\n\n            8                                       SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                            \xe2\x96\xa0   providing false information to the board of directors;\n                            \xe2\x96\xa0   substantially exceeding the bank\xe2\x80\x99s lending limits;\n                            \xe2\x96\xa0   issuing unauthorized loans;\n                            \xe2\x96\xa0   filing false reports with regulators and causing bank records to be altered to mislead\n                                federal auditors;\n                            \xe2\x96\xa0   soliciting $17 million worth of worthless checks that were deposited into a customer\xe2\x80\x99s\n                                account to reduce the overdraft status on the account and reduce delinquent loan\n                                accounts;\n                            \xe2\x96\xa0   falsifying minutes of the board of directors meetings;\n                            \xe2\x96\xa0   placing false loan notes in loan files; and\n                            \xe2\x96\xa0   failing to follow banking regulations regarding the classifications of loans.\n                                          Joint investigation by the FDIC OIG, the Federal Bureau of Investigation (FBI), and\n                                         the Internal Revenue Service Criminal Investigation Division, based on a referral from\n                                     the Division of Resolutions and Receiverships; prosecuted by the U.S. Attorney\xe2\x80\x99s Office for\n                                                                                             the Western District of Wisconsin.\n\n                      Former President of Canton State Bank and His Wife Indicted on\n                      26 Counts of Bank Fraud\n                      On June 8, 2006, in the Eastern District of Missouri, the former president of Canton State\n                      Bank and his wife were indicted by a federal grand jury on 26 felony counts of conspiracy to\n                      make false statements to FDIC-insured institutions and the U.S. Department of Agriculture\n                      Farm Service Agency (FSA), false statements, money laundering, and bank fraud.\n                      The indictment charged that between October 2001 and August 2004, the defendants under-\n                      stated their liabilities on loan applications with Canton State Bank, The Paris National Bank,\n                      Perry State Bank, Bank of Monticello, and the FSA. In addition, the defendants represented\n                      to Perry State Bank and the FSA that the livestock and farm equipment that they pledged as\n                      collateral security for loans was free and clear of all other liens and encumbrances, when they\n                      had previously pledged the same collateral for other loans.\n                      The indictment also charged that between August 2002 and May 2003, the former president\n                      allegedly made numerous loans to a bank customer, who then wrote checks to return a sub-\n                      stantial portion of the loan proceeds to the former president. The indictment further alleged\n                      that, in some cases, the payee on those checks was listed as the bank president\xe2\x80\x99s wife\xe2\x80\x99s minor\n                      child in order to conceal the payments to him.\n                                Joint investigation by the FDIC OIG, the FBI, and the U.S. Department of Agriculture OIG,\n                                        based on a referral from the Division of Supervision and Consumer Protection (DSC);\n                                                  prosecuted by the U.S. Attorney\xe2\x80\x99s Office for the Eastern District of Missouri.\n\n                      Former COO of Universal Federal Savings Bank Sentenced\n                      On September 19, 2006, in the U.S. District Court for the Northern District of Illinois, Uni-\n                      versal Federal Savings Bank\xe2\x80\x99s (Universal) former chief operations officer (COO) was sen-\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 9\n\n\n\n\n                                     SEMIANNUAL REPORT TO THE CONGRESS                                                    9\n\n\n          tenced to 38 months of incarceration, to be followed by 3 years of supervised release and\n          600 hours of community service. She was also ordered to pay restitution in the amount of\n          $1,313,082 to the FDIC. A Universal customer earlier pleaded guilty to one count of wire\n          fraud affecting a financial institution and the former COO\xe2\x80\x99s brother was sentenced to 2 years\n          of supervised release and 200 hours of community service. All of Universal\xe2\x80\x99s losses occurred\n          prior to his activity; consequently, no restitution was ordered. The former COO\xe2\x80\x99s sentence,\n          the bank customer\xe2\x80\x99s guilty plea, and the COO\xe2\x80\x99s brother\xe2\x80\x99s sentence were the result of an\n          indictment filed in January 2005 concerning the activities surrounding the failure of Univer-\n          sal on June 27, 2002.\n          As previously reported, the indictment alleged that a Universal customer conspired with Uni-\n          versal\xe2\x80\x99s COO to misapply the financial institution\xe2\x80\x99s funds and to make a false entry in a book,\n          report, or statement of or to Universal.\n          The bank customer wrote insufficient funds checks and deposited those checks in Universal\xe2\x80\x99s\n          correspondent account at American National Bank (ANB). After receiving immediate credit\n          and availability of those funds, he withdrew some or all of the funds, and then covered\n          the previous insufficient funds checks plus the withdrawn funds by depositing even larger\n          amounts of insufficient funds checks. This cycle continued almost daily for more than\n          6 months. During the conspiracy, the bank customer made approximately 138 deposits\n          at ANB that included insufficient funds checks totaling more than $200 million.\n          Universal\xe2\x80\x99s chairman of the board of directors requested a review of the bank customer\xe2\x80\x99s\n          account activity and directed the former COO to provide copies of the fronts and backs of\n          checks. In order to conceal the check-kiting scheme, the former COO and the bank cus-\n          tomer agreed that the bank customer would alter the checks. The bank customer and the for-\n          mer COO\xe2\x80\x99s brother, a certified public accountant and authorized signer on the account with\n          the customer, falsified the backs of the account checks to conceal that they were deposited\n          into Universal\xe2\x80\x99s correspondent account at ANB. On or about June 20, 2002, the former\n          COO knowingly provided the falsified check copies to the chairman in furtherance of the\n          conspiracy. About 1 week later, the check-kiting scheme was discovered and stopped. The\n          scheme and conspiracy caused a loss in excess of $10 million, and Universal was forced to\n          cease operations.\n                                               Joint investigation by the FDIC OIG and the FBI; prosecuted by the\n                                                                 U.S. Attorney\xe2\x80\x99s Office, Northern District of Illinois.\n\n          Former Bank Director of Central Bank Convicted\n          of Misapplication of Bank Funds\n          On May 8, 2006, the former executive vice president and chief lending officer of Central\n          Bank, Houston, Texas, pleaded guilty in the U.S. District Court for the Southern District of\n          Texas, to 11 counts of misapplication of bank funds by a bank officer. The defendant\xe2\x80\x99s guilty\n          plea is the result of an information filed on April 14, 2006.\n          The defendant admitted that between May 2001 and September 2003, while employed as an\n          officer and director of Central Bank, an FDIC-insured institution, he misapplied and con-\n          verted to his own use proceeds of loans from Central Bank to various borrowers. The evi-\n          dence proved, and the defendant conceded, that he had created an assumed business name for\n          himself, CBMB & Associates. He placed false invoices for \xe2\x80\x9cfees\xe2\x80\x9d in Central Bank\xe2\x80\x99s loan files,\n          authorized the disbursement of loan proceeds to CBMB & Associates, and negotiated and\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 10\n\n\n\n\n            10                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      deposited into bank accounts on which he was the sole signatory the checks representing\n                      these \xe2\x80\x9cfees,\xe2\x80\x9d thereby misapplying and converting the bank\xe2\x80\x99s funds to his personal benefit.\n                      Each of the 11 counts of the criminal information accused the defendant of embezzling loan\n                      proceeds in sums ranging from as little as $3,390 to as much as $72,000.\n                      As part of the defendant\xe2\x80\x99s plea agreement, he entered into and executed stipulation to an\n                      action under 8(e) of the Federal Deposit Insurance Act, which provides for a lifetime ban\n                      from banking.\n                                 Joint investigation by the FDIC OIG and the FBI, based on a referral from the FDIC Legal\n                                        Division; prosecuted by the U.S. Attorney\xe2\x80\x99s Office for the Southern District of Texas.\n\n                      Bank Vice President Sentenced to 41 Months\xe2\x80\x99 Incarceration\n                      On July 18, 2006, the former vice president of First Century Bank was sentenced in the East-\n                      ern District of Tennessee to 41 months\xe2\x80\x99 incarceration, followed by 60 months of supervised\n                      release. She was also ordered to pay $600,000 in restitution to First Century Bank. The\n                      defendant earlier pleaded guilty to a one-count information charging her with bank fraud.\n                      The defendant originated over 100 fraudulent loans during her tenure with First Century\n                      Bank, resulting in bank losses in excess of $600,000. She began falsifying loan records to\n                      enable customers to obtain loans. As these loans became delinquent, the defendant made\n                      unauthorized withdrawals from inactive customer accounts and originated new loans in the\n                      name of customers without their knowledge. The proceeds of these unauthorized with-\n                      drawals and fraudulent loans were then used to cover loan payments and to pay off existing\n                      fraudulent loans.\n                                 Joint investigation by the FDIC OIG and FBI, based on a referral from DSC; prosecuted by\n                                                              the U.S. Attorney\xe2\x80\x99s Office for the Eastern District of Tennessee.\n\n                      Bank Customer Pleads Guilty to $18 Million Bank Fraud\n                      On July 12, 2006, in the U.S. District Court for the Northern District of Illinois, a bank cus-\n                      tomer pleaded guilty to a criminal information charging him with one count of bank fraud.\n                      The defendant admitted to devising a scheme to divert $18 million of loan proceeds from\n                      creditors.\n                      According to the information, the defendant defrauded two financial institutions of loan pay-\n                      ments owed by third-party borrowers. The defendant submitted falsified loan payment docu-\n                      ments and financial reports to Lincoln State Bank, an FDIC-supervised institution, and\n                      Ottawa Savings Bank, an Office of Thrift Supervision-supervised institution. Both financial\n                      institutions were FDIC insured.\n                      These diverted funds represented proceeds and payments against participation loan agree-\n                      ments between third-party borrowers and 15 financial institutions. Commercial Loan\n                      Corporation, Inc., Oak Brook, Illinois, a company controlled by the defendant, brokered\n                      commercial loans between the affected borrowers and lenders. As part of this service, Com-\n                      mercial Loan Corporation, Inc., provided collection and payment services for the borrowers.\n                      The defendant\xe2\x80\x99s scheme involved collecting and diverting loan payments owed to creditors,\n                      and overselling the loan participation agreements to other financial institutions to obtain\n                      funds in excess of the borrowers\xe2\x80\x99 approved loans. These loan payments and excess funds were\n                      then diverted, for the defendant\xe2\x80\x99s personal benefit, into a manufacturing plant as capitaliza-\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM    Page 11\n\n\n\n\n                                      SEMIANNUAL REPORT TO THE CONGRESS                                                 11\n\n\n          tion loans. The defendant\xe2\x80\x99s diverted funds were lost when the plant closed and these \xe2\x80\x9cloans\xe2\x80\x9d\n          went into default.\n                   Joint investigation by the FDIC OIG and the FBI, based on a referral from DSC; prosecuted\n                             by the U.S. Attorney\xe2\x80\x99s Office for the Northern District of Illinois, Eastern Division.\n\n          Real Estate Frauds\n          The increased reliance by both financial institution and non-financial institution lenders on\n          third-party brokers has created opportunities for fraud. Some of the emerging mortgage\n          fraud schemes include \xe2\x80\x9cproperty flipping.\xe2\x80\x9d Property flipping is best described as purchasing\n          properties and artificially inflating their value through false appraisals. The artificially valued\n          properties are then repurchased several times for a higher price by associates of the \xe2\x80\x9cflipper.\xe2\x80\x9d\n\n          THREE MEN PLEAD GUILTY IN $8 MILLION REAL ESTATE \xe2\x80\x9cLAND FLIP\xe2\x80\x9d SCHEME\n          During April 2006, three businessmen pleaded guilty in the U.S. District Court for the Cen-\n          tral District of Illinois to all charges in an August 5, 2005, 11-count superseding indictment\n          that charged them with bank fraud, mail fraud, money laundering, and wire fraud.\n          The defendants admitted to engaging in a real estate \xe2\x80\x9cland flipping\xe2\x80\x9d scheme from 1999-2005\n          to defraud real estate lenders, including Central Illinois Bank, Champaign, Illinois, an FDIC-\n          insured institution, buyers, and sellers. The scheme involved more than 150 fraudulent real\n          estate sales and financing transactions totaling more than $8 million in fraud against financial\n          institutions.\n          The superseding indictment alleged that the defendants used fraudulent appraisals to buy,\n          sell, and finance properties at prices fraudulently inflated. Two of the defendants represented\n          themselves as property managers who were in the business of buying, selling, and managing\n          real estate, though neither were licensed real estate brokers or salespersons. The third defen-\n          dant was a licensed real estate appraiser who allegedly performed numerous appraisals for the\n          two defendants in which he falsely inflated the value of the real estate.\n          To carry out the scheme, two of the defendants recruited buyers, typically of modest means\n          with little or no experience in rental real estate investment. To entice the buyers, the two\n          defendants allegedly made one or more false representations to them regarding prospective\n          properties.\n          The two businessmen allegedly made more than $3 million for their personal use and to pro-\n          mote the scheme, while the real estate appraiser received fees of $350 to $450 per appraisal.\n                    Joint investigation by the FDIC OIG, the U.S. Postal Inspection Service and the FBI; prose-\n                                            cuted by the U.S. Attorney\xe2\x80\x99s Office for the Central District of Illinois.\n\n          MORTGAGE BROKER PLEADS GUILTY TO A MORTGAGE FRAUD SCHEME\n          On September 25, 2006, a mortgage broker from Dallas, Texas, pleaded guilty in the U.S.\n          District Court for the Northern District of Texas to an indictment charging him with one\n          count of wire fraud and aiding and abetting. The defendant is scheduled to be sentenced\n          on January 2, 2007.\n          As previously reported, the defendant and two other business associates were charged in a\n          14-count indictment in March 2006. The grand jury charged one of the defendants with one\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 12\n\n\n\n\n            12                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      count of bank fraud, seven counts of wire fraud, and six counts of engaging in monetary\n                      transactions derived from specified unlawful activity. A second defendant was charged with\n                      one count of bank fraud and six counts of wire fraud. The third was charged with one count\n                      of wire fraud. Each of the counts in the indictment also included the associated charge of\n                      aiding and abetting. Following the indictment, arrest warrants were issued, and agents from\n                      the FDIC OIG and the FBI arrested two of the defendants on March 9, 2006. The third\n                      defendant self-surrendered on March 10, 2006.\n                      The indictment alleged that the three associates devised a scheme to fraudulently obtain\n                      21 mortgage loans totaling $3,220,550. The defendants used schemes commonly referred to\n                      in the mortgage industry as property flips, markups and kickbacks, and HUD swaps to facili-\n                      tate the mortgage fraud. One of the mortgage companies impacted by this fraud scheme was\n                      Fremont Investment & Loan, an FDIC-supervised institution in Brea, California.\n                      In each instance, one of the defendants convinced inexperienced real estate investors to stand\n                      in as straw borrowers and purchase the properties for fraudulently inflated sales prices. A sec-\n                      ond defendant, a loan officer, and the third, a mortgage broker, knowingly submitted false\n                      documentation to the lenders to enable the straw borrowers to qualify for the mortgage loans.\n                      Each of the straw borrowers received a financial inducement for participating in the fraud\n                      scheme. Fraudulent real estate appraisals were also submitted to the lenders to support the\n                      inflated sales prices of the properties.\n                                                         Joint investigation by the FDIC OIG and the FBI; prosecuted by the\n                                                                      U.S. Attorney\xe2\x80\x99s Office for the Northern District of Texas.\n\n                      Other Successful Investigative Outcomes\n                      FORMER STATE BANK OF COKATO EXECUTIVES PLEAD GUILTY\n                      In August 2006, two former bank executives from the State Bank of Cokato pleaded guilty in\n                      the U.S. District Court for the District of Minnesota in connection with various loan fraud\n                      schemes. The former president and director pleaded guilty to a criminal information charg-\n                      ing him with one count of bank fraud and one count of making false entries in a Quarterly\n                      Bank Report to the FDIC. The bank\xe2\x80\x99s former executive vice president pleaded guilty to one\n                      count of lying to a federal agent in connection with a Small Business Administration loan\n                      for a bank customer.\n                      If convicted, the former president and director of the bank faces a maximum potential\n                      penalty of 30 years in federal prison and a $1 million fine on each of those two charges. The\n                      former executive vice president faces a maximum potential penalty of 5 years in prison and a\n                      $250,000 fine.\n                                 Joint investigation by the FDIC OIG, the FBI, IRS - Criminal Investigation Division, based\n                               on a referral from the Kansas City FDIC Legal Division and DSC Regional Office; prosecuted\n                                                                  by the U.S. Attorney\xe2\x80\x99s Office for the District of Minnesota.\n\n                      FORMER BANK OFFICER SENTENCED FOR BANK FRAUD\n                      On April 27, 2006, the former assistant vice president of Falcon International Bank,\n                      Laredo, Texas, was sentenced in the U.S. District Court for the Southern District of Texas,\n                      to 14 months of incarceration, to be followed by 60 months of supervised release. She was\n                      also ordered to pay $106,768 in restitution; $50,000 of the restitution order is to be paid\n                      to the bonding company with the remaining balance to be paid to the bank.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 13\n\n\n\n\n                                     SEMIANNUAL REPORT TO THE CONGRESS                                               13\n\n\n          The defendant\xe2\x80\x99s sentence resulted from her earlier guilty plea to a one-count information\n          charging her with embezzlement by a bank officer. The defendant\xe2\x80\x99s scheme resulted in\n          approximately $106,768 in losses to the bank.\n                  Joint investigation by the FDIC OIG and FBI, with assistance from the FDIC Legal Division;\n                                      prosecuted by the U.S. Attorney\xe2\x80\x99s Office for the Southern District of Texas.\n\n          FORMER EXECUTIVE VICE PRESIDENT OF IOWA-NEBRASKA STATE BANK SENTENCED\n          On August 1, 2006, the former executive vice president of Iowa-Nebraska State Bank, an\n          FDIC-supervised bank, South Sioux City, Nebraska, was sentenced in the U.S. District Court\n          for the Northern District of Iowa, to 5 months of incarceration, to be followed by 5 months\n          of house arrest, and fined $2,500. In March 2006, the defendant was found guilty of making\n          false entries in the bank\xe2\x80\x99s records.\n                                           Joint investigation by the FDIC OIG and the FBI; prosecuted by the\n                                                        U.S. Attorney\xe2\x80\x99s Office for the Northern District of Iowa.\n\n          FORMER VICE PRESIDENT OF ALLIANCE BANK PLEADS GUILTY TO EMBEZZLEMENT\n          On August 23, 2006, in the U.S. District Court for the District of Minnesota, the former\n          vice president in Commercial Lending, Alliance Bank, New Ulm, Minnesota, pleaded guilty\n          to one count of theft, embezzlement, and misapplication by a bank officer.\n          During a routine examination of Alliance Bank in August 2005, bank examiners discovered\n          irregularities involving dozens of cashier\xe2\x80\x99s checks. They found evidence that the former vice\n          president and other officers of Alliance Bank converted fees earned by the bank into cashier\xe2\x80\x99s\n          checks, diverted those funds to their individual bank accounts, and made false entries in the\n          books and records of the bank.\n          In accordance with her plea agreement, the former vice president agreed to assist the DOJ in\n          its investigation of the other senior Alliance Bank officers, paid $37,900 in restitution to the\n          bank, and stipulated to an action under 8(e) of the Federal Deposit Insurance Act, which pro-\n          vides for a lifetime ban from banking.\n                                                             Joint investigation by the FDIC OIG and the FBI,\n                                               based upon a referral from the DSC Kansas City Regional Office;\n                                          prosecuted by the U.S. Attorney\xe2\x80\x99s Office for the District of Minnesota.\n\n          FORMER BRANCH MANAGER OF HUDSON SAVINGS BANK CHARGED WITH EMBEZZLEMENT\n          On June 8, 2006, in the U.S. District Court for the District of Massachusetts, the former\n          branch manager of Hudson Savings Bank, Hudson, Massachusetts, was charged in an infor-\n          mation with two counts of misapplication and embezzlement of funds from Hudson Savings\n          Bank.\n          According to the information, over a 5-year period, the defendant allegedly tampered with\n          more than 60 customers\xe2\x80\x99 accounts at the bank, performing or authorizing hundreds of credits\n          and debits, and causing a loss to the bank of more than $650,000.\n          The information alleged that the defendant withdrew funds from existing customers\xe2\x80\x99 deposit\n          accounts and from active or inactive home equity lines of credit. He also created false\n          accounts from which he withdrew funds. The defendant allegedly avoided detection of his\n          actions by repaying credit lines from other customers\xe2\x80\x99 accounts, taking steps to prevent cus-\n          tomers from receiving account statements for periods of time, creating false loan statements\n\x0c0064-FDIC_FDIC text .qxd   12/6/06    5:07 PM   Page 14\n\n\n\n\n            14                                      SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      that were sent to customers, and changing the mailing addresses on loan accounts to\n                      addresses controlled by the defendant. According to the information, when customers\n                      became aware of unauthorized activity in their accounts, the defendant corrected the account\n                      by depositing funds from other customers\xe2\x80\x99 accounts, sent a letter to the customer reporting\n                      that there had been an \xe2\x80\x9cerror\xe2\x80\x9d in the account, and made a notation in the bank\xe2\x80\x99s internal data\n                      system that the account had been fixed and the customer notified.\n                                           Joint investigation by the FDIC OIG, the FBI, and the Hudson Police Department,\n                                               based on a referral from DSC; prosecuted by the Economic Crimes Unit for the\n                                                                        U.S. Attorney\xe2\x80\x99s Office for the District of Massachusetts.\n\n                      BANK CUSTOMER SENTENCED FOR CONSPIRACY TO COMMIT BANK FRAUD\n                      On April 24, 2006, a bank customer of the Bank of the Panhandle, Guymon, Oklahoma, and\n                      Production Credit Association of Woodward, Oklahoma, now Farm Credit Western, was sen-\n                      tenced in the U.S. District Court for the Western District of Oklahoma, to 60 months of\n                      incarceration, 104 hours of community service, and ordered to pay $2,608,137 in restitution\n                      ($2,361,245 payable to Production Credit Association and $246,891 to the Bank of the Pan-\n                      handle). The defendant\xe2\x80\x99s sentence was the result of his earlier guilty plea to an information\n                      charging him with one count of conspiracy to commit bank fraud.\n                                     Joint investigation by the FDIC OIG, U.S. Department of Agriculture OIG, and the FBI;\n                                                prosecuted by the U.S. Attorney\xe2\x80\x99s Office for the Western District of Oklahoma.\n\n                      Ongoing Audit Work\n                      An ongoing audit in the supervision area is determining whether the FDIC has established\n                      and implemented adequate procedures for addressing IT security risks at FDIC-supervised\n                      financial institutions that offer electronic banking products and services.\n                      Another assignment is determining whether examiners assess the reliability of appraisals and\n                      sufficiency of insurance coverage as part of the evaluation of an institution\xe2\x80\x99s lending practices\n                      and policies.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 15\n\n\n\n\n               S T R AT E G I C G O A L 2\n               Insurance\n               Help the FDIC Maintain the Viability\n               of the Insurance Funds\n\n\n\n\n              FDIC deposit insurance remains a central component of the federal government\xe2\x80\x99s\n              assurance to the public that it can be confident in the stability of the Nation\xe2\x80\x99s banks\n              and savings associations. Since its establishment in 1933, the FDIC has insured\n              deposits up to the legally authorized threshold, which presently stands at $100,000 for\n              individual accounts and $250,000 for certain retirement accounts. For almost two\n              decades following bank crises in the late-1980s and early 1990s, the FDIC managed\n              two deposit insurance funds\xe2\x80\x93one for banks and one for savings and loans.\n              Legislation passed by the Congress on February 1, 2006, merged separate insurance\n              funds for banks and thrifts into a single Deposit Insurance Fund with about $49.6 bil-\n              lion in reserve. This legislation also imposed some reforms on how the FDIC is to\n              manage the fund in the future, including indexing for inflation, permitting the fund\n              reserves to fluctuate inside a percentage range of estimated insured deposits, and\n              administering credits, dividends, and risk-based assessments. The Corporation is work-\n              ing to implement these reforms.\n              As insurer, the FDIC must evaluate and effectively manage how changes in the econ-\n              omy, the financial markets, and the banking system affect the adequacy and the viabil-\n              ity of the deposit insurance fund. Financial instruments and transactions continue to\n              become more complex, and the process of financial intermediation, even in smaller\n              institutions, increasingly sophisticated. Further, the ongoing consolidation of the\n              banking industry means that there are a few very large institutions that represent an\n              increasingly significant share of the FDIC\xe2\x80\x99s exposure. According to the Corporation,\n              as of June 30, 2006, the ten largest FDIC-insured institutions accounted for 42 percent\n              of deposits and 44 percent of the assets of all FDIC-insured institutions.\n              The OIG has a responsibility to evaluate the FDIC\xe2\x80\x99s programs and operations to ensure\n              that the agency has adequate information to gauge the risks inherent as financial insti-\n              tutions consolidate, enter into new business areas, and become more global.\n              To help the FDIC maintain the viability of the insurance fund, the OIG\xe2\x80\x99s 2006 per-\n              formance goals were as follows:\n\n\n\n                                                                                                         15\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 16\n\n\n\n\n            16                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                            \xe2\x96\xa0   Evaluate corporate programs to identify and manage risks in the banking industry\n                                that can cause losses to the fund, and\n                            \xe2\x96\xa0   Assess the management of the deposit insurance fund.\n\n\n                      OIG Work in Support of Goal 2\n                      The OIG\xe2\x80\x99s Office of Audits issued two reports in the insurance area during the reporting\n                      period, as discussed below:\n\n                      Reserve Ratio and Assessment Determinations\n                      We conducted an audit of the FDIC\xe2\x80\x99s reserve ratio and assessment determinations processes\n                      to determine whether: (1) the Division of Insurance and Research accurately determines the\n                      funds\xe2\x80\x99(the Bank Insurance Fund and the Savings Association Insurance Fund\xe2\x80\x93now the DIF)\n                      reserve ratios and (2) the Division of Finance has adequate controls in place to ensure that\n                      the FDIC accurately calculates, collects, and processes assessments of financial institutions.\n                      We concluded that the FDIC could improve internal controls over the reserve ratio and\n                                                                                      assessment determination\n                                                                                      processes. Although the\n                                                                                      FDIC accurately calcu-\n                                                                                      lated fund reserve ratios\n                                                                                      and assessments due from\n                                                                                      financial institutions, a\n                                                                                      key underlying assump-\n                                                                                      tion supporting the\n                                                                                      reserve ratio calculations\n                                                                                      became outdated and was\n                                                                                      not representative of\n                                                                                      actual transactions. We\n                                                                                      also concluded that FDIC\n                                                                                      could improve communi-\n                                                                                      cation of information rele-\n                                                                                      vant to assessment\n                                                                                      determinations and other\n                                                                                      corporate matters and\n                                                                                      activities to the\n                                                                                      FDIC Board of Directors.\n                                                                                          We recommended that the\n                                                                                          FDIC periodically validate\n                                                                                          key assumptions, esti-\n                                                                                          mates, or other compo-\n                                                                                          nents that factor into the\n                                                                                          calculation of the reserve\n                                                                                          ratio; review and clarify\n                                                                                          Board delegations of\n                                                                                          authority related to the\n                                                                                          assessments determination\n                                                                                          process; and evaluate pro-\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 17\n\n\n\n\n                                     SEMIANNUAL REPORT TO THE CONGRESS                                      17\n\n\n          cedures and practices for keeping Board members fully informed of Corporation matters and\n          activities.\n          FDIC management concurred with our findings and recommendations and is taking respon-\n          sive action. The FDIC planned to submit to the Board proposed revisions to policies, proce-\n          dures, and delegations of authority by September 30, 2006.\n\n          FDIC\xe2\x80\x99s Industrial Loan Company Deposit Insurance Application Process\n          Industrial Loan Companies (ILC) are FDIC-supervised, limited-charter depository institu-\n          tions. ILCs may be owned by commercial firms, and these parent companies may not be sub-\n          ject to consolidated supervision by a federal regulator. As of March 2006, there were 61 ILCs\n          with total assets of $155 billion.\n          The FDIC solely grants deposit insurance and evaluates whether an ILC application for\n          deposit insurance meets statutory factors. After approving the application, the FDIC issues\n          an Order for insurance that includes standard conditions and, if warranted, nonstandard con-\n          ditions.\n          The FDIC uses conditions to impose restrictions and establish operating parameters and con-\n          trols on ILCs, including business plan limitations. The FDIC may also impose certain types\n          of nonstandard conditions on ILCs, known as prudential conditions, which are related to\n          separating and insulating an ILC from its parent company.\n          We conducted a review during the reporting period to evaluate the FDIC\xe2\x80\x99s process for\n          (1) reviewing, investigating, and approving ILC applications for deposit insurance and\n          (2) monitoring business operations to ensure adherence to conditions imposed on ILCs.\n          We placed particular emphasis on the FDIC\xe2\x80\x99s monitoring of conditions associated with\n          ILC business plans.\n          We made six recommendations to strengthen the ILC deposit insurance application process\n          and subsequent monitoring of ILC conditions and business operations. The recommenda-\n          tions address our observations associated with:\n               \xe2\x96\xa0   documenting pre-filing meetings;\n               \xe2\x96\xa0   imposing conditions associated with deposit insurance applications;\n               \xe2\x96\xa0   obtaining the applicant\xe2\x80\x99s agreement in writing to nonstandard conditions, and con-\n                   firming the applicant\xe2\x80\x99s compliance with conditions;\n               \xe2\x96\xa0   clarifying corporate guidance for investigating the possible impact of an applicant\xe2\x80\x99s\n                   proposed line of business on existing financial institutions and the Deposit Insurance\n                   Fund; and\n               \xe2\x96\xa0   addressing the status of conditions in visitation reports and reports of examination.\n          The FDIC concurred with each of our recommendations and agreed to take action to address\n          four of the recommendations by December 31, 2006 and the two remaining recommenda-\n          tions by June 30, 2007.\n\n          Planned Work\n          Planned work in this goal area in fiscal year 2007 will include an audit of the FDIC\xe2\x80\x99s Dedi-\n          cated Examiner Program, a program that the FDIC uses in the six largest banks, in coopera-\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 18\n\n\n\n\n            18                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      tion with other primary federal regulators and bank personnel to obtain real-time access to\n                      information about risks and trends in those institutions. We also plan to review the FDIC\xe2\x80\x99s\n                      overall approach to identifying and managing risks to the Deposit Insurance Fund.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 19\n\n\n\n\n               S T R AT E G I C G O A L 3\n               Consumer Protection\n               Assist the FDIC to Protect Consumer\n               Rights and Ensure Community\n               Reinvestment\n\n\n\n\n              The U.S. Congress has long advocated particular protections for consumers in relation-\n              ships with banks. Federal fair lending and consumer protection laws, such as the Fair\n              Housing Act, the Equal Credit Opportunity Act, Gramm-Leach-Bliley Act, the Fair\n              and Accurate Credit Transaction Act of 2003, the Truth in Lending Act as amended by\n              the Home Ownership and Equity Protection Act, and the Real Estate Settlement Pro-\n              cedures Act provide substantive protection to borrowers. These laws provide disclosure\n              requirements, define high-cost loans, and contain anti-discrimination provisions.\n              To help monitor the home lending market, the Federal Reserve and other bank regula-\n              tors, such as the FDIC, collect and monitor loan pricing data in accordance with the\n              Home Mortgage Disclosure Act. Obtaining the data enables bank regulators, including\n              the FDIC to conduct efficient fair lending reviews and to make sure banks are provid-\n              ing equal access and pricing for loans regardless of a borrower\xe2\x80\x99s racial or ethnic back-\n              ground or gender. The Congress has also enacted the Community Reinvestment Act\n              (CRA) of 1977 to encourage federally insured banks and thrifts to help meet the credit\n              needs of their entire community, including low- and moderate-income neighborhoods,\n              consistent with safe and sound operations. The CRA requires federal bank regulators\n              to assess each insured institution\xe2\x80\x99s record of meeting these needs. Amendments to CRA\n              regulations became effective in September 2005.\n              The FDIC oversees statutory and regulatory requirements aimed at protecting con-\n              sumers from unfair and unscrupulous banking practices. Data security and financial\n              privacy are important values to consumers. Financial institutions are obligated under\n              various laws and regulations to protect consumer privacy and sensitive consumer infor-\n              mation. The FDIC carries out its role by (1) providing consumers with access to infor-\n              mation about their rights and disclosures that are required by federal laws and\n              regulations and (2) examining the banks where the FDIC is the primary federal regula-\n              tor to determine their compliance with laws and regulations governing consumer pro-\n              tection, fair lending, and community investment. A principal effort at consumer\n              education has been the FDIC\xe2\x80\x99s Money Smart program that aims to provide basic finan-\n              cial education skills to current and potential bank customers, often through alliances\n              with government, charitable, and community development organizations.\n\n\n                                                                                                         19\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 20\n\n\n\n\n            20                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      The FDIC\xe2\x80\x99s bank examiners conduct examinations in FDIC-supervised banks on a scheduled\n                      basis to determine the institutions\xe2\x80\x99 compliance with laws and regulations governing consumer\n                      protection, fair lending, and community investment. When problem institutions are identi-\n                      fied, primarily through the examination process, the FDIC seeks to bring about corrective\n                      actions and possesses broad enforcement powers to correct situations that threaten an institu-\n                      tion\xe2\x80\x99s compliance with applicable laws.\n                      The OIG\xe2\x80\x99s role under this strategic goal is to review the effectiveness of various FDIC pro-\n                      grams aimed at protecting consumers, fair lending, and community investment. Addition-\n                      ally, the OIG\xe2\x80\x99s investigative authorities are used to identify, target, disrupt, and dismantle\n                      criminal organizations and individual operations engaged in fraud schemes that target finan-\n                      cial institutions or that prey on the banking public.\n                      To assist the FDIC to protect consumer rights and ensure community reinvestment, the\n                      OIG\xe2\x80\x99s 2006 performance goals were as follows:\n                            \xe2\x96\xa0   Evaluate the effectiveness of FDIC programs for protecting consumer privacy,\n                            \xe2\x96\xa0   Review the FDIC\xe2\x80\x99s fair lending and community reinvestment examination programs,\n                                and\n                            \xe2\x96\xa0   Strengthen enforcement against misrepresentations of deposit insurance coverage.\n\n\n                      OIG Work in Support of Goal 3\n                      A number of audits completed during the reporting period addressed important consumer\n                      protection matters: privacy, predatory lending, examiner use of Home Mortgage Disclosure\n                      Act data, and supervisory actions taken for compliance violations in FDIC-supervised institu-\n                      tions. Investigative work related to protection of personal information and misrepresentation\n                      of deposit insurance complemented audit efforts in this strategic goal area, as described\n                      below.\n\n                      FDIC\xe2\x80\x99s Oversight of TSPs\n                      An increasing number of financial institutions are outsourcing software development and\n                      maintenance, data processing, and other IT services to technology service providers (TSPs).\n                      Under the Bank Service Company Act, the FDIC and other federal financial regulators have\n                      statutory authority to regulate and examine the services a TSP performs for FDIC-insured\n                      financial institutions.\n                      According to the Federal Financial Institutions Examination Council (FFIEC), TSP relation-\n                      ships should be subject to the same risk management, security, privacy, and other internal\n                      controls and policies that would be expected if the financial institution were conducting the\n                      activities directly.\n                      Given the potential risks associated with use of TSPs, we are conducting a series of audits to\n                      assess the FDIC\xe2\x80\x99s examination coverage of TSPs and related efforts to protect sensitive cus-\n                      tomer information. During the reporting period, as a first step, we assessed the FDIC\xe2\x80\x99s over-\n                      sight process for identifying and monitoring TSPs used by FDIC-supervised institutions and\n                      for prioritizing examination coverage of TSPs. We also reviewed the extent to which TSP\n                      information was being captured in the FDIC\xe2\x80\x99s Virtual Supervisory Information On the Net\n                      system (ViSION).\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 21\n\n\n\n\n                                     SEMIANNUAL REPORT TO THE CONGRESS                                      21\n\n\n          The FDIC actively supported the FFIEC through examinations of numerous high-priority\n          TSPs and has acted to strengthen its IT Risk Management Program and corresponding cover-\n          age of TSPs. However, the FDIC\xe2\x80\x99s oversight process for identifying, monitoring, and priori-\n          tizing TSPs for examination coverage needed improvement. Further, our evaluation of TSP\n          data in ViSION indicated that adequate controls had not been implemented to obtain and\n          maintain TSP data. Additionally, we determined that the FDIC could improve its participa-\n          tion in the TSP risk-based supervisory process used by the federal banking agencies.\n          To address these concerns, we made six recommendations to help the FDIC: (1) better iden-\n          tify and monitor TSPs with access to sensitive customer information and (2) improve the\n          process the FDIC uses (in conjunction with the other FFIEC agencies) for assessing the risks\n          posed by, and prioritizing for examination, those TSPs with access to sensitive customer\n          information.\n          FDIC management generally agreed with our recommendations. The FDIC will take steps\n          to improve its TSP inventory and sharing of TSP information with the other federal banking\n          agencies, enhance controls over Bank Service Company Act notifications, increase data relia-\n          bility, and work with the FFIEC IT Subcommittee regarding including in the new risk-based\n          examination priority ranking program those TSPs processing sensitive customer information.\n\n          DRR\xe2\x80\x99s Protection of Bank Employee and Customer\n          Personally Identifiable Information\n          The FDIC\xe2\x80\x99s Division of Resolutions and Receiverships (DRR) has primary responsibility for\n          resolving failed FDIC-insured depository institutions promptly, efficiently, and responsively\n          in order to maintain public confidence in the nation\xe2\x80\x99s financial system. In performing their\n          duties, DRR personnel have access to a wide variety of records containing personally identifi-\n          able information of a bank\xe2\x80\x99s employees and customers.\n          During the reporting period we conducted an audit to determine whether DRR adequately\n          protects personally identifiable information collected and maintained as a result of resolution\n          and receivership functions. We focused our attention on DRR efforts to protect information\n          maintained in hardcopy form.\n          We determined that overall, through various policies and procedures, DRR has established\n          certain controls over the resolution and receivership process addressing the protection of sen-\n          sitive bank employee and customer personally identifiable information. During our review of\n          documentation supporting the four most recent institution closings, we found that DRR had\n          implemented the controls as designed.\n          However, we identified opportunities for DRR to strengthen its controls. In particular, DRR\n          had not established a Records Management Program that defined recordkeeping requirements\n          for the inventory, maintenance, control, and use of hardcopy documents. As a result, person-\n          ally identifiable information could be at increased risk of compromise or unauthorized use.\n          We recommended that DRR work with the Division of Administration (DOA), and other\n          cognizant FDIC divisions and offices, in developing a DRR Records Management Program\n          that would include guidelines for the inventory, maintenance, use, and control of hardcopy\n          records containing personally identifiable information from failed institutions. DRR man-\n          agement concurred with the recommendation and is forming a working group, which, in\n          consultation with DOA and others, will develop records management guidance specific to\n          their needs.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 22\n\n\n\n\n            22                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      Challenges and FDIC Efforts Related to Predatory Lending\n                      Predatory lending typically involves imposing unfair and abusive loan terms on borrowers,\n                      and statistics show that borrowers lose more than $25 billion annually due to predatory prac-\n                      tices. Predatory lending can be detrimental to consumers and increases the financial and rep-\n                      utation risk for financial institutions. Characteristics potentially associated with predatory\n                      lending include, but are not limited to, (1) abusive collection practices, (2) balloon payments\n                      with unrealistic repayment terms, (3) equity stripping associated with repeat refinancing and\n                      excessive fees, and (4) excessive interest rates that may involve steering a borrower to a higher-\n                      cost loan.\n                      We conducted an audit to determine the challenges faced and the efforts taken by the FDIC\n                      to identify, assess, and address the risks posed to FDIC-supervised financial institutions and\n                      consumers from predatory lending practices. We also gained an understanding of the efforts\n                      taken by the other federal banking regulators to address predatory lending.\n                      The FDIC faces significant challenges associated with identifying, assessing, and addressing\n                      the risks posed to FDIC-supervised institutions and consumers by predatory lending. For\n                      example, (1) each loan transaction must be viewed in its totality to determine whether it may\n                      be predatory; (2) FDIC-supervised institutions can have direct or indirect involvement in\n                      predatory lending; and (3) nontraditional mortgages and other loan products are now avail-\n                      able that contain terms that may be viewed as appropriate for some borrowers, but predatory\n                      for others. Further, the FDIC must ensure that its efforts to combat predatory lending do\n                      not limit consumer access to legitimate sources of credit.\n                      FDIC guidance issued to examiners, FDIC-supervised financial institutions, and consumers\n                      addresses predatory lending. However, the guidance does not formally articulate a supervi-\n                      sory approach to address predatory lending and was not issued for the explicit purpose of\n                      identifying, assessing, and addressing the risks that such lending practices pose to institutions\n                      and consumers. Further, certain characteristics potentially indicative of predatory lending\n                      were not covered. The lack of an articulated supervisory approach and gaps in coverage could\n                      result in increased risk that predatory lending practices occur, are not detected, and harm\n                      institutions and consumers.\n                      We recommended that the FDIC describe in policy its overall approach to addressing preda-\n                      tory lending and review existing examiner, financial institution, and consumer guidance and\n                      determine whether additional guidance is needed to address the risks associated with preda-\n                      tory lending. We also noted for the FDIC\xe2\x80\x99s consideration other federal banking regulatory\n                      agencies\xe2\x80\x99 actions to identify, assess, and address predatory lending. FDIC management\n                      agreed with the recommendations and is taking responsive action.\n\n                      Examiner Use of HMDA Data\n                      The Home Mortgage Disclosure Act (HMDA) was enacted in 1975, and the Federal Reserve\n                      Board has statutory responsibility to promulgate HMDA regulations. HMDA requires mort-\n                      gage lenders to annually disclose data to the public on mortgage loan applications, origina-\n                      tions, and purchases of home mortgage, home improvement, and refinancing loans.\n                      The FDIC is required to assess HMDA compliance by FDIC-supervised institutions. Start-\n                      ing in 2004, institutions were required to include loan interest rate pricing information in\n                      HMDA data. The pricing information helps FDIC examiners in scoping fair lending exami-\n                      nations and detecting loan pricing disparities that may warrant further investigation.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 23\n\n\n\n\n                                     SEMIANNUAL REPORT TO THE CONGRESS                                       23\n\n\n          We conducted an audit to determine whether the FDIC makes appropriate use of available\n          HMDA data to identify and assess instances of potential discrimination when examining an\n          institution\xe2\x80\x99s compliance with relevant laws and regulations.\n          We found that overall, the FDIC makes appropriate use of available HMDA data during\n          compliance examinations to identify and assess instances of potential discrimination in\n          FDIC-supervised institutions. Specifically, we found that for the 14 institutions we reviewed,\n          the FDIC used HMDA data to identify areas for review during examinations.\n          In addition, the FDIC has taken a positive step in instituting a project that requires increased\n          attention for institutions with higher-priced loans. The FDIC identified a number of such\n          institutions and when potential discriminatory practices were identified, the Corporation\n          followed up on concerns.\n          However, we noted that FDIC guidance could be improved and made recommendations\n          in that regard. We recommended that DSC (1) clarify examiner guidance related to report-\n          ing HMDA examination findings and handling institutions\xe2\x80\x99 review and resubmission of\n          corrected HMDA data, (2) provide additional examiner guidance on how to document\n          third-party residential mortgage lending relationships for HMDA reporting purposes, and\n          (3) emphasize examiner completion of the required checklist for HMDA reviews to docu-\n          ment work performed. The FDIC agreed or generally agreed with the recommendations\n          and is taking responsive actions.\n\n          Supervisory Actions Taken for Compliance Violations\n          The FDIC\xe2\x80\x99s compliance examination process is key to ascertaining the effectiveness of an\n          institution\xe2\x80\x99s program for complying with consumer protection laws and regulations. The\n          compliance examination and follow-up supervisory attention to violations and other deficien-\n          cies help to ensure that consumers and businesses obtain the benefits and protection afforded\n          them by law.\n          We performed an audit to determine whether the FDIC\xe2\x80\x99s DSC adequately addresses the vio-\n          lations and deficiencies reported in compliance examinations to ensure that FDIC-supervised\n          institutions take appropriate corrective action.\n          DSC identified and reported 9,534 significant compliance violations during 2005. Of the\n          1,945 financial institutions examined in 2005, 1,607 (83 percent) had been cited with compli-\n          ance violations deemed significant by the FDIC. Also, 837 (43 percent) of the 1,945 financial\n          institutions examined had repeat, significant violations, and 708 (85 percent) of these institu-\n          tions were rated \xe2\x80\x9c1\xe2\x80\x9d or \xe2\x80\x9c2.\xe2\x80\x9d\n          According to DSC officials, of the institutions examined in 2005, 96 percent were rated\n          \xe2\x80\x9c1\xe2\x80\x9d or \xe2\x80\x9c2,\xe2\x80\x9d indicating a strong or generally strong compliance position, while 4 percent\n          were rated \xe2\x80\x9c3,\xe2\x80\x9d \xe2\x80\x9c4\xe2\x80\x9d or \xe2\x80\x9c5,\xe2\x80\x9d indicating various levels of concern. DSC officials stated that\n          the FDIC\xe2\x80\x99s supervisory approach is to increase the level of attention as an institution\xe2\x80\x99s com-\n          pliance position worsens, and during 2005, DSC downgraded 297 institutions\xe2\x80\x99 compliance\n          ratings, issued 72 informal and 36 formal enforcement actions for compliance, and made\n          43 compliance referrals to the Department of Justice or other authorities.\n          However, we reported that DSC had not adequately ensured that the financial institutions in\n          our sample had taken appropriate corrective actions for repeat, significant violations that had\n          been cited during examinations. In many cases, consistent with the flexibility allowed by\n          DSC guidance for \xe2\x80\x9c1\xe2\x80\x9d or \xe2\x80\x9c2\xe2\x80\x9d rated institutions, DSC waited until the next examination to\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 24\n\n\n\n\n            24                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      follow up on repeat, significant compliance violations that had been identified in multiple\n                      examinations before taking supervisory action.\n                      As a result of repeat, significant violations, consumers and businesses of the affected institu-\n                      tions may not obtain the benefits and protection afforded them by consumer protection laws\n                      and regulations. We also identified certain other matters for DSC\xe2\x80\x99s attention relating to\n                      (1) performance goals associated with supervisory actions taken for compliance violations\n                      and (2) consideration of an institution\xe2\x80\x99s training program in compliance ratings.\n                      The report makes three recommendations for DSC to strengthen its monitoring and follow-\n                      up processes by revising guidance on follow-up, considering supervisory action when an insti-\n                      tution\xe2\x80\x99s corrective action is not timely or when significant violations recur, and revising its\n                      related performance goal. DSC\xe2\x80\x99s management will reevaluate applicable guidance; analyze\n                      the prevalence and scope of repeatedly cited, significant violations over the next year; and\n                      make enhancements or clarifications as necessary. Management\xe2\x80\x99s planned actions are respon-\n                      sive to the recommendations.\n\n                      Ongoing Audit Work in the Consumer Protection Area\n                      As of the end of the reporting period, we were conducting an audit of DSC\xe2\x80\x99s IT examination\n                      procedures for addressing the security of sensitive customer data when the institutions use\n                      TSPs. Another of our ongoing audits is addressing the new interagency CRA guidelines.\n\n                      OIG Investigations Seek to Thwart Identity Theft\n                      Despite congressional efforts, regulations promulgated by federal agencies such as the FDIC,\n                      and added emphasis by law enforcement, identity theft is becoming more sophisticated and\n                      the number of victims is growing.\n                      Identity theft includes using the Internet for new crimes such as \xe2\x80\x9cphishing\xe2\x80\x9d e-mails and\n                      \xe2\x80\x9cpharming\xe2\x80\x9d Web sites that attempt to trick people into divulging their private financial infor-\n                      mation by pretending to be legitimate businesses or government entities with a need for the\n                      information that is requested. As referenced above, certain OIG audits and evaluations are\n                      designed to focus on these issues and determine the effectiveness of the FDIC\xe2\x80\x99s strategies and\n                      its implementation of programs and activities to protect consumer privacy. OIG criminal\n                      investigations expose those who illegally seek and use stolen identifications and bring them to\n                      justice. Examples of such investigative work conducted during the reporting period follow.\n\n                      ELECTRONIC CRIMES UNIT RESPONDS TO PHISHING SCAMS INVOLVING THE FDIC AND OIG\n                      The OIG\xe2\x80\x99s Electronic Crimes Unit (ECU) responded to eight new cases of phishing e-mails\n                      purporting to be from the FDIC or the FDIC OIG. The phishing emails contained links to\n                      Web sites that contained official looking forms that attempted to collect confidential or per-\n                      sonal information. In one instance, the link in the e-mail contained a program that would\n                      load another program on the victim\xe2\x80\x99s computer, seemingly capable of collecting password\n                      information from the victim\xe2\x80\x99s computer.\n                      In all eight cases, the ECU has worked with the Division of Information Technology, DSC,\n                      and outside security companies to successfully shut down the fraudulent Web sites. The\n                      ECU is also continuing to work with the United States Computer Emergency Readiness\n                      Team to analyze the suspicious program attempting to collect the victims\xe2\x80\x99 password informa-\n                      tion.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 25\n\n\n\n\n                                     SEMIANNUAL REPORT TO THE CONGRESS                                       25\n\n\n          The ECU also continues to pursue the sources of phishing e-mails through issuance of sub-\n          poenas for customer account information and Internet Protocol address information related\n          to the individuals who sent the phishing e-mails and maintain the fraudulent Web sites.\n\n          Misrepresentation of FDIC Insurance\n          Unscrupulous individuals may attempt to misuse the FDIC\xe2\x80\x99s name, logo, abbreviation, or\n          other indicators to suggest that deposits or other products are fully insured. Such misrepre-\n          sentations induce the targets of schemes to trust in the strength of FDIC insurance while\n          misleading them as to the true nature of the insurance or investment products being offered.\n          Depositors may be particularly attracted to these misrepresented investments in our current\n          economy when interest paid on insured deposits is historically low and uninsured investments\n          can put an investor\xe2\x80\x99s principal at substantial risk. Further, abuses of this nature may erode\n          public confidence in federal deposit insurance. Some of our past semiannual reports to the\n          Congress provide information on cases that have been successfully investigated involving\n          these types of misrepresentations.\n\n          ECU RESPONDS TO ALLEGATIONS OF BANKS FALSELY ADVERTISING FDIC INSURANCE\n          During the reporting period, our ECU received two allegations of online financial institu-\n          tions that falsely advertised FDIC insurance. In both cases the ECU contacted the entities\n          that owned the Internet Protocol address where the online financial institution Web site was\n          located and informed them that it was a violation of U.S. law to falsely represent FDIC insur-\n          ance. In both cases, the Web sites were deactivated.\n\n          FOREIGN CURRENCY TRADER SENTENCED TO 5 YEARS\xe2\x80\x99 INCARCERATION\n          On April 27, 2006, in the Southern District of Florida, a foreign currency trader was sen-\n          tenced to 60 months of incarceration, to be followed by 36 months of supervised release. He\n          was also ordered to pay $5,455,476 in restitution to the victims he defrauded. His sentence\n          was the result of his guilty plea to one count of wire fraud in February 2006.\n          The defendant was previously indicted on 11 counts of wire fraud and 2 counts of forging\n          and counterfeiting official seals of the United States, including the logo of the FDIC. The\n          indictment to which the defendant pleaded guilty alleged that from April 1999 through June\n          2003, he fraudulently obtained $8.1 million from approximately 145 investors. The defen-\n          dant, an illegal immigrant, is a citizen of Venezuela and raised all of his money from investors\n          in Venezuela. The defendant solicited investors by representing that he had exceptional\n          investment expertise and success. He promised approximately 145 investors that they would\n          earn a monthly return of 3 percent or 36 percent per annum on their investment. Although\n          the defendant did trade some currency through brokers in New York and London, his actions\n          rapidly became a Ponzi scheme that began to collapse under its own weight.\n          When investors became suspicious and began asking for the return on their capital, the defen-\n          dant falsely advised them, directly and through his employees and associates, that he was\n          unable to return their investments because the FDIC had allegedly \xe2\x80\x9cfrozen\xe2\x80\x9d his funds pur-\n          suant to the USA PATRIOT Act, and as soon as his case was settled, he would return to the\n          investors the money they demanded. In support of this story, the defendant downloaded\n          from the Financial Crimes Enforcement Network, Department of the Treasury Web site, an\n          assessment of civil money penalty order involving Great Eastern Bank of Florida, an FDIC-\n          supervised institution in Miami, Florida. The defendant then replaced Great Eastern Bank\xe2\x80\x99s\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 26\n\n\n\n\n            26                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      name with his own name, added the FDIC logo and seal to the document, and furnished a\n                      copy of the fraudulent document to each of his victims.\n                                                         Joint investigation by the FDIC OIG and FBI; prosecuted by the\n                                                                U.S. Attorney\xe2\x80\x99s Office for the Southern District of Florida.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 27\n\n\n\n\n               S T R AT E G I C G O A L 4\n               Receivership Management\n               Help Ensure that the FDIC is Ready\n               to Resolve Failed Banks and\n               Effectively Manages Receiverships\n\n\n\n\n              When a bank that offers federal deposit insurance fails, the FDIC fulfills its role as\n              insurer by either facilitating the transfer of the institution\xe2\x80\x99s insured deposits to an\n              assuming institution or by paying insured depositors directly. The FDIC\xe2\x80\x99s DRR mis-\n              sion is to plan and efficiently handle the resolutions of failing FDIC-insured institu-\n              tions and to provide prompt, responsive, and efficient administration of failing and\n              failed financial institutions in order to maintain confidence and stability in the finan-\n              cial system.\n              When an institution is closed by its chartering authority\xe2\x80\x93the state for state-chartered\n              institutions, OCC for national banks, and the Office of Thrift Supervision for federal\n              savings associations\xe2\x80\x93the FDIC is responsible for resolving the failed bank or savings\n              association. The FDIC begins the resolution process with an assessment of the assets\n              and liabilities of the institution. Using this information, DRR solicits proposals from\n              approved bidders to pass the insured deposits to an assuming bank and expedite the\n              return of assets to the private sector. Once the FDIC is appointed receiver, it initiates\n              the closing process for the failed institution and works to provide the insured deposi-\n              tors with access to their accounts in 1 or 2 business days. To accomplish this, the\n              FDIC works with the assuming institution so that the insured deposit accounts are\n              transferred to the assuming institution as soon as possible.\n              If no assuming institution is found during the resolution process, the FDIC disburses\n              to customers of the failed institution the insured amount in each account category.\n              The FDIC, as receiver, manages the receivership estate and the subsidiaries of failed\n              financial institutions with the goal of achieving an expeditious and orderly termination.\n              Since the FDIC\xe2\x80\x99s inception over 70 years ago, no depositor has ever experienced a loss\n              of insured deposits at an FDIC-insured institution due to a failure. The year 2005 was\n              the first in the FDIC\xe2\x80\x99s history where no institution failed and there have been no fail-\n              ures in 2006 to date. Notwithstanding the current strength of the banking industry,\n              the FDIC could potentially have to handle a failing institution with a significantly\n              larger number of insured deposits than it has had to deal with in the past or have to\n              handle multiple failures caused by a single catastrophic event.\n\n\n\n                                                                                                          27\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 28\n\n\n\n\n            28                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      The OIG\xe2\x80\x99s role under this strategic goal is conducting audits and evaluations that assess the\n                      effectiveness of the FDIC\xe2\x80\x99s various programs designed to ensure that the FDIC is ready to\n                      and does respond promptly, efficiently, and effectively to financial institution closings. Addi-\n                      tionally, the OIG investigative authorities are used to pursue instances where fraud is com-\n                      mitted to avoid paying the FDIC civil settlements, court-ordered restitution, and other\n                      payments as the institution receiver.\n                      To help ensure the FDIC is ready to resolve failed banks and effectively manages receiver-\n                      ships, the OIG\xe2\x80\x99s 2006 performance goals were as follows:\n                            \xe2\x96\xa0   Evaluate the FDIC\xe2\x80\x99s plans and systems for managing bank failures, and\n                            \xe2\x96\xa0   Assist the FDIC in recovering financial losses from individuals fraudulently conceal-\n                                ing assets.\n\n\n                      OIG Work in Support of Goal 4\n                      Ongoing work by both our Office of Audits and our Office of Investigations during the\n                      reporting period addressed the challenges that the Corporation faces in the receivership man-\n                      agement area.\n\n                      Office of Investigations Pursues Concealment of Assets Cases\n                      The FDIC was owed more than $1.7 billion in criminal restitution as of March 31, 2006.\n                      Most often, the individuals do not have the means to pay. However, a few individuals do\n                      have the means to pay but hide their assets and/or lie about their ability to pay. The OIG\xe2\x80\x99s\n                      Office of Investigations (OI) works closely with DRR and the Legal Division in aggressively\n                      pursuing criminal investigations of these individuals. As of September 30, 2006, conceal-\n                      ment of assets cases constituted 9 percent of OI\xe2\x80\x99s caseload. We are developing new cases in\n                      this area with the U.S. Attorney\xe2\x80\x99s Offices in the Southern District of Miami, Florida, and\n                      Boston, Massachusetts.\n\n                      Coordinating with DRR\n                      OI coordinates closely with the Corporation\xe2\x80\x99s DRR, with special attention to various types of\n                      financial institution fraud and related crimes, including concealment of assets cases. During\n                      the reporting period, such coordination continued in both our headquarters and Dallas field\n                      sites, where OI staff met with DRR and the Legal Division\xe2\x80\x99s Financial Crimes Unit. All crim-\n                      inal cases and referrals involving concealment of asset violations are further coordinated with\n                      the various U.S. Attorneys\xe2\x80\x99 Offices.\n                      In the case of bank closings where fraud is suspected, OI is prepared to send case agents and\n                      computer forensic special agents from the ECU to the institution. Their principal role is to\n                      provide computer forensic support to OI\xe2\x80\x99s investigations by obtaining, preserving, and later\n                      examining evidence from computers at the bank.\n\n                      Planned Audit and Evaluation Work for Fiscal Year 2007\n                      Upcoming work in this area will include evaluating the design and implementation of con-\n                      trols used by the FDIC to protect personal information collected and maintained in elec-\n                      tronic form as a result of resolution and receivership activity. We will also be monitoring\n                      DRR\xe2\x80\x99s planning for a potential large bank failure and will be ready to contribute to that\n                      effort, as needed.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 29\n\n\n\n\n               S T R AT E G I C G O A L 5\n               Resources Management\n               Promote Sound Governance and\n               Effective Stewardship of Financial,\n               Human, IT, and Procurement Resources\n\n\n\n\n              The FDIC must effectively manage and utilize a number of critical strategic resources\n              in order to carry out its mission successfully, particularly its financial, human, IT, and\n              procurement resources. The Corporation does not receive an annual appropriation,\n              except for its OIG, but rather is funded by the premiums that banks and thrift institu-\n              tions pay for deposit insurance coverage, the sale of assets recovered from failed banks\n              and thrifts, and earnings on investments in U.S. Treasury securities.\n              The FDIC Board of Directors approves an annual Corporate Operating Budget to fund\n              the operations of the Corporation. The FDIC\xe2\x80\x99s separate Investment Budget is com-\n              posed of individual project budgets approved by the Board of Directors for major\n              investment projects.\n              Financial resources are but one aspect of the FDIC\xe2\x80\x99s critical assets. The Corporation\xe2\x80\x99s\n              human capital is also vital to its success. Currently, about 4,560 employees in offices\n              throughout the U.S. conduct the FDIC mission. The Corporation\xe2\x80\x99s workforce is sup-\n              plemented by various contracts which must also be overseen by the Corporation. The\n              value of active contracts as of March 2006 totalled $1.52 billion.\n              Information technology drives and supports the manner in which the public and pri-\n              vate sector conduct their work. At the FDIC, the Corporation seeks to leverage IT to\n              support its business goals and to improve the operational efficiency of its business\n              processes. Along with the positive benefits that IT offers comes a certain degree of risk.\n              A key effort for all agencies must be the establishment of effective information security\n              programs. Title II of the E-Government Act of 2002, entitled the Federal Information\n              Security Management Act, requires each agency to develop, document, and implement\n              an agency-wide information security program to provide adequate security for the\n              information and information systems that support the operations and assets of the\n              agency.\n              The OIG\xe2\x80\x99s role in this strategic goal is to perform audits, evaluations, investigations\n              that\n                   \xe2\x96\xa0   identify opportunities for more economical, efficient, and effective corporate\n                       expenditures of funds;\n                   \xe2\x96\xa0   recommend actions for more effective governance and risk management prac-\n                       tices;                                                                              29\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 30\n\n\n\n\n            30                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                            \xe2\x96\xa0   foster corporate human capital strategies that benefit employees; strengthen employ-\n                                ees\xe2\x80\x99 knowledge, skills, and abilities; ensure employee and contractor integrity; and\n                                inspire employees to perform to their maximum capacity;\n                            \xe2\x96\xa0   help the Corporation to leverage the value of technology in accomplishing the corpo-\n                                rate mission and promote the security of both IT and human resources; and\n                            \xe2\x96\xa0   ensure that procurement practices are fair, efficient, effective, and economical.\n                      To promote sound governance and effective stewardship of FDIC strategic resources, the\n                      OIG\xe2\x80\x99s 2006 performance goals were as follows:\n                            \xe2\x96\xa0   Evaluate the Corporation\xe2\x80\x99s efforts to fund operations efficiently, effectively, and eco-\n                                nomically.\n                            \xe2\x96\xa0   Assess the Corporation\xe2\x80\x99s human capital strategic initiatives to ensure a high-perform-\n                                ing work-force that views the FDIC as an employer of choice and that stands ready to\n                                meet challenges in the banking industry.\n                            \xe2\x96\xa0   Promote maximization of IT resources for efficiency and effectiveness and ensure IT\n                                and physical security to protect all FDIC resources from harm.\n                            \xe2\x96\xa0   Evaluate the Corporation\xe2\x80\x99s contracting efforts to ensure goods and services are fairly,\n                                efficiently, and economically procured.\n                            \xe2\x96\xa0   Monitor corporate efforts to identify and analyze the FDIC risk environment and val-\n                                idate that a sound internal control environment is in place and working well.\n\n\n                      OIG Work in Support of Goal 5\n                      Much of our Office of Audits\xe2\x80\x99 work was conducted in pursuit of this strategic goal during\n                      the reporting period, as shown in the following discussion. Audits and evaluations addressed\n                      important emergency preparedness issues, information security matters, and various aspects\n                      of corporate procurement activities.\n\n                      Emergency Response Plans\n                      The Federal Emergency Management Agency issued Federal Preparedness Circular 65, which\n                      provides guidance for agencies in developing contingency plans that include emergency plan-\n                      ning for the safety and security of agency personnel.\n                      The FDIC\xe2\x80\x99s Emergency Preparedness Program provides the FDIC\xe2\x80\x99s emergency response pol-\n                      icy and requires that emergency response plans (ERPs) be established in Washington Area\n                      Headquarters Offices (HQ) and in each of the regional offices. The ERPs document the\n                      FDIC\xe2\x80\x99s procedures and structure to ensure the safety and security of all FDIC personnel dur-\n                      ing an emergency. During the reporting period, we evaluated the FDIC\xe2\x80\x99s progress in develop-\n                      ing and implementing comprehensive ERPs.\n                      Our work determined that the FDIC\xe2\x80\x99s emergency response policy provides a framework from\n                      which comprehensive ERPs have been established for HQ (including divisional ERPs for spe-\n                      cific functional areas of concern) and the two regional offices we reviewed. The ERPs we\n                      reviewed address most of the recommended emergency response elements contained in fed-\n                      eral agency criteria for emergency response planning. However, we reported that FDIC sen-\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 31\n\n\n\n\n                                     SEMIANNUAL REPORT TO THE CONGRESS                                      31\n\n\n          ior management, particularly in HQ, could do more to \xe2\x80\x9cset the tone\xe2\x80\x9d regarding the impor-\n          tance of emergency response through more public involvement in, and support for, ERPs.\n          Additional guidance was also needed on certain aspects of the FDIC\xe2\x80\x99s emergency response\n          policy and the ERPs we reviewed, including:\n               \xe2\x96\xa0   updating ERPs on a regular basis so they remain current,\n               \xe2\x96\xa0   conducting evacuation and shelter-in-place drills,\n               \xe2\x96\xa0   inventorying and maintaining emergency food and water supplies,\n               \xe2\x96\xa0   providing information on available first-aid and medical response,\n               \xe2\x96\xa0   incorporating the child-care facility ERP into the HQ ERP, and\n               \xe2\x96\xa0   developing additional procedures for employees with disabilities.\n          We made two recommendations to strengthen the emergency response policy and the mainte-\n          nance, communication, and content of the FDIC\xe2\x80\x99s ERPs. DOA concurred with both recom-\n          mendations and has planned or initiated actions that are responsive to both\n          recommendations.\n\n          FISMA Evaluation\n          To achieve its mission, the FDIC relies on automated information systems to collect, process,\n          and store vast amounts of banking and other sensitive information. Much of this informa-\n          tion is used by financial regulators, academia, and the public to monitor bank performance,\n          develop regulatory policy, and conduct research on and analysis of important banking issues.\n          Ensuring the integrity, availability, and appropriate confidentiality of this information in an\n          environment of increasingly sophisticated security threats and global connectivity requires a\n          strong, enterprise-wide information security program.\n          In accordance with the Federal Information Security Management Act of 2002 (FISMA), we\n          performed an evaluation to determine the effectiveness of the FDIC\xe2\x80\x99s information security\n          program and practices, including the FDIC\xe2\x80\x99s compliance with FISMA and related informa-\n          tion security policies, procedures, standards, and guidelines.\n          We reported that as a result of focused efforts over the last several years, the FDIC has made\n          significant progress in improving its information security program and practices. Further,\n          additional improvements were underway at the time of our evaluation. Our work did not\n          identify any significant deficiencies in the FDIC\xe2\x80\x99s information security program that warrant\n          consideration as a potential material weakness as defined by the Office of Management and\n          Budget (OMB). However, we reported that continued management attention is needed in\n          key security control areas to ensure that appropriate risk-based and cost-effective security\n          controls are in place to secure the FDIC\xe2\x80\x99s information resources. These areas included enter-\n          prise architecture, configuration management, access controls, and audit and accountability\n          controls, among others. Therefore, we concluded that the FDIC had established and imple-\n          mented internal controls that provided limited assurance of adequate security for its informa-\n          tion resources. Our report includes a number of steps that the Corporation can take to\n          strengthen its information security program and practices. In many cases, the FDIC was\n          already working to address these steps.\n          With assistance from KPMG LLP, (KPMG) we also responded to a set of questions issued\n          by OMB related to specific security issues. Our work determined that the FDIC had imple-\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 32\n\n\n\n\n            32                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      mented actions that substantially addressed the criteria used by OMB for assessing the status\n                      of those aspects of agency security programs. Still, continued management attention was\n                      need in some security control areas, as discussed in more detail in our FISMA evaluation\n                      report itself.\n\n                      Privacy Work Requested by OMB\n                      In its July 2006 memorandum entitled Fiscal Year 2006 Reporting Instructions for FISMA\n                      and Agency Privacy Management, the OMB requested that agency IGs provide any meaning-\n                      ful information related to their agency\xe2\x80\x99s privacy program and related activities.\n                      We contracted with KPMG to audit the status of the FDIC\xe2\x80\x99s privacy program as part of our\n                      FISMA-related coverage. We reported that the FDIC has strengthened controls related to\n                      information in an identifiable form (IIF), implemented training to promote Privacy Act\n                      awareness, and identified systems with IIF and performed privacy impact assessments for\n                      most of them. We did, however, note that the FDIC could strengthen privacy management\n                      by completing some of its ongoing efforts. KPMG will be performing a more in-depth\n                      review, as required by Section 522 of the Consolidated Appropriations Act of 2005, of the\n                      FDIC\xe2\x80\x99s use of IIF and related privacy protection policies and procedures. A final report will\n                      be issued in December 2006.\n                      In an earlier OMB memorandum in June 2006, entitled, Protection of Sensitive Agency\n                      Information, OMB called for use of a National Institute of Standards and Technology check-\n                      list to assess protection of remotely accessible IIF and recommended additional controls when\n                      IIF is removed or accessed from outside the agency.\n                      We contracted with KPMG to audit and report on the status of the FDIC\xe2\x80\x99s implementation\n                      of the information protection controls related to remote access, transport, and storage of sen-\n                      sitive agency information. The audit found that the Corporation had taken a number of\n                      steps to protect IIF and other sensitive information, and additional control improvements\n                      were underway. However, the FDIC needed to do more to implement the National Institute\n                      of Standards and Technology checklist and fully address OMB\xe2\x80\x99s recommendations for safe-\n                      guarding sensitive information.\n\n                      Application Controls\n                      The FDIC relies heavily on application systems to collect, process, and store sensitive data\n                      such as financial institution examination ratings, pending enforcement actions, and person-\n                      ally identifiable information. It is imperative, therefore, that the FDIC implement controls\n                      to ensure that user access privileges are commensurate with job responsibilities and that user\n                      activities are recorded and periodically reviewed.\n                      During the reporting period we conducted an audit to determine whether the Corporation\xe2\x80\x99s\n                      controls provide reasonable assurance of adequate security. We reported that the Corporation\n                      had established and implemented a number of controls in this regard. However, we made\n                      several recommendations to further protect applications that process sensitive information.\n\n                      Controls Over the Disposal of Sensitive FDIC Information\n                      As emphasized above, much of the Corporation\xe2\x80\x99s sensitive information must be protected in\n                      accordance with federal statutes and regulations. It is also critical that the Corporation\n                      implement appropriate controls when disposing of sensitive information to prevent an unau-\n                      thorized disclosure that could lead to potential legal liability or public embarrassment.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 33\n\n\n\n\n                                     SEMIANNUAL REPORT TO THE CONGRESS                                      33\n\n\n          To determine whether the FDIC has adequate controls for ensuring the secure disposal of\n          sensitive information, we conducted an audit that focused on the disposal of information in\n          shredder bins and consoles provided by a contractor for the FDIC\xe2\x80\x99s headquarters offices.\n          Although the FDIC had established a number of key controls, the Corporation needed to\n          improve its oversight of the contract to ensure that the controls were effectively implemented.\n          We also identified matters relating to subcontractor costs and agreements, and the identifica-\n          tion of the records management contractors that warranted management attention. We made\n          recommendations to address these matters, and the Corporation\xe2\x80\x99s planned actions were\n          responsive.\n\n          Contract Administration\n          The FDIC is increasingly relying on contractors to accomplish its mission. Contract admin-\n          istration begins after contract award and ends when goods or services have been accepted and\n          the contractor has received final payment.\n          Effective contract administration (1) helps to ensure that the contractor delivers the required\n          goods or services according to the contract delivery schedule and (2) includes monitoring\n          cost, schedule, and technical performance and ensuring that payments are authorized and\n          supported. Both the contracting and program offices at the FDIC are key players in contract\n          administration.\n          We conducted an evaluation to assess the strengths and weaknesses of the FDIC\xe2\x80\x99s contract\n          administration policies, procedures, and practices for ensuring that contract cost, schedule,\n          and performance requirements are met.\n          During our evaluation, DOA\xe2\x80\x99s Acquisition Services Branch (ASB) had a number of initiatives\n          in progress. Specifically, ASB had streamlined contract administration by (1) moving toward\n          larger consolidated contracts, including participation in interagency contracting efforts;\n          (2) centralizing contracting efforts that were formerly administered in FDIC regional offices;\n          and (3) increasing procurement card purchasing limits to include smaller recurring contracts.\n          ASB also defined new competency and skill requirements, pursued targeted recruitments to\n          address skills gaps, and reduced overall staff by approximately 50 percent since the beginning\n          of 2005.\n          As ASB continues to transform its acquisition function, we concluded that ASB and senior\n          FDIC management needs to devote additional attention to the following areas:\n               \xe2\x96\xa0   Acquisition Workforce Planning\n               \xe2\x96\xa0   Acquisition Procedures\n               \xe2\x96\xa0   Administration of Contracts\n               \xe2\x96\xa0   Contract Management System\n               \xe2\x96\xa0   Contract Close Out\n          We made 13 recommendations for improvement. Addressing these issues should help to\n          ensure an efficient, effective, and accountable contract administration process and better\n          position the FDIC to control costs, meet scheduled timeframes, and ensure contractor per-\n          formance. DOA concurred with all recommendations and has planned or initiated actions\n          that are responsive to each recommendation.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 34\n\n\n\n\n            34                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      Ongoing Audit Work\n                      Ongoing work at the end of the reporting period in support of this strategic goal included\n                      audits related to the following: classification of salary costs in the New Financial Environ-\n                      ment, FDIC performance measures, FDIC\xe2\x80\x99s succession planning efforts, and contracting\n                      activities and controls associated with both the Federal Systems Integration Management\n                      contract with the General Services Administration and the Corporation\xe2\x80\x99s consolidated IT\n                      Application Services contract.\n\n                      Investigations of Employee and Contractor Actions\n                      The OIG conducts investigations, as needed, of criminal or serious misconduct on the part of\n                      FDIC employees and contractors to ensure a working environment of high integrity. During\n                      the reporting period there were no such cases completed.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 35\n\n\n\n\n               S T R AT E G I C G O A L 6\n               OIG Internal Processes\n               Continuously Enhance the OIG\xe2\x80\x99s\n               Business and Management Processes\n\n\n\n\n              The FDIC OIG is one of 57 such offices in the federal government. Along with the\n              Government Accountability Office and other law enforcement organizations, the\n              Inspectors General are part of a network of government organizations with common\n              purposes for fostering greater accountability, integrity, and excellence in government\n              programs and operations.\n              While our organization is focused on the FDIC\xe2\x80\x99s programs and operations, the OIG\n              has an inherent obligation to hold itself and its people to the highest standards of per-\n              formance and conduct. Like any organization, we have processes and procedures for\n              conducting our work; communicating with our clients, staff, and stakeholders; manag-\n              ing our financial resources; aligning our human capital to our mission; strategically\n              planning and measuring the outcomes of our work; maximizing the cost-effective use\n              of technology; and ensuring our work products are timely, value-added, accurate, com-\n              plete, and meet applicable professional standards.\n              To continuously enhance the OIG\xe2\x80\x99s business and management processes, the OIG\xe2\x80\x99s\n              2006 performance goals were as follows:\n                   \xe2\x96\xa0   Enhance strategic and annual planning and performance measurement;\n                   \xe2\x96\xa0   Strengthen human capital management to achieve enhanced results;\n                   \xe2\x96\xa0   Ensure the quality and efficiency of OIG audits, evaluations, and investiga-\n                       tions;\n                   \xe2\x96\xa0   Foster good relationships with clients, stakeholders, and OIG staff; and\n                   \xe2\x96\xa0   Invest in cost-effective and secure IT that improves performance and produc-\n                       tivity.\n              The following actions during the reporting period supported our efforts to continu-\n              ously enhance our business and management processes.\n\n\n\n\n                                                                                                          35\n\x0c0064-FDIC_FDIC text .qxd   12/6/06    5:07 PM   Page 36\n\n\n\n\n            36                                     SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      Strategic and Annual Planning and Performance Measurement\n                      Activities\n                           \xe2\x97\x8f   Worked to formulate the OIG\xe2\x80\x99s 2007 Business Plan, including conducting outreach\n                               sessions to FDIC Division directors and senior management to provide input and feed-\n                               back. The business planning approach seeks to integrate and align performance plan-\n                               ning, audit and evaluation planning, performance reporting, and budgeting processes.\n                           \xe2\x97\x8f   Formulated the fiscal year 2008 appropriated budget request to provide the FDIC\n                               Chairman for concurrence.\n                           \xe2\x97\x8f   Continued to monitor and assess the OIG\xe2\x80\x99s risks and the internal controls in place to\n                               manage the risks as part of our responsibilities under the Corporation\xe2\x80\x99s Internal Control\n                               and Risk Management Program. Each OIG Accountability Unit Manager is submitting\n                               internal control test results for 2006 to support assertions regarding the extent of com-\n                               pliance with the 2006 FDIC Internal Control Program and whether unit objectives\n                               have been achieved. These certifications will support an assurance statement addressing\n                               OIG-wide Internal Control Program compliance for 2006. Managers are updating their\n                               management control plans and accountability units for 2007.\n\n\n                      Human Capital Initiatives\n                           \xe2\x97\x8f   Continued to focus on Office of Audits\xe2\x80\x99 training program, including ensuring course\n                               completions for needed continuing professional education credits and developing and\n                               delivering a course for all Office of Audits staff related to audit assignment planning and\n                               message design.\n                           \xe2\x97\x8f   Continued OIG mentoring program that pairs newer staff with more experienced OIG\n                               staff to help guide new staff and promote professional development.\n\n\n                      Quality of Audits, Evaluations, Investigations\n                           \xe2\x97\x8f   Counsel\xe2\x80\x99s Office provided advice and counsel and determinations of legal applicability\n                               on issues arising with respect to audits, evaluations, and investigations, including the\n                               legal accuracy and sufficiency of audit and evaluation reports.\n                           \xe2\x97\x8f   Began peer review of Department of Justice Office of Audit, in accordance with the\n                               President\xe2\x80\x99s Council on Integrity and Efficiency (PCIE) Peer Review Guide. Final report\n                               is expected in February 2007.\n                           \xe2\x97\x8f   Conducted internal quality assurance reviews of the OIG\xe2\x80\x99s Western Region Chicago and\n                               Dallas Offices of Investigation.\n                           \xe2\x97\x8f   Conducted quality control reviews of Office of Audits directorates.\n\n\n                      Fostering Good Relationships with Stakeholders\n                           \xe2\x97\x8f   Participated in quarterly meetings with FDIC senior management officials to keep them\n                               apprised of ongoing audit and evaluation reviews and results.\n                           \xe2\x97\x8f   Continued to work closely with FDIC developing presentations that include in-depth\n                               discussions of \xe2\x80\x9clessons learned/red flags\xe2\x80\x9d based on our experience in investigating major\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 37\n\n\n\n\n                                      SEMIANNUAL REPORT TO THE CONGRESS                                                  37\n\n\n                 fraud at financial institutions. The presentations provide an overview of the investigative\n                 process, alert examiners to possible red flags or signs of fraud and/or obstruction, and\n                 provide guidance on making referrals and coordinating with the OIG regarding sus-\n                 pected fraud. Office of Investigations provides these types of presentations at training\n                 conferences, Federal Financial\n                 Institutions Examination Coun-\n                 cil seminars, DSC Field Office                  A Strong Partnership\n                 and Case Managers\xe2\x80\x99 meetings,\n                 and bankers\xe2\x80\x99 outreach sessions.        The OIG has partnered with various U.S. Attorneys\xe2\x80\x99 Offices\n                                                         throughout the country in bringing to justice individuals\n             \xe2\x97\x8f   Continued efforts to keep DSC,          who have defrauded the FDIC or financial institutions\n                 DRR, Legal, and other FDIC              within the jurisdiction of the FDIC, or criminally impeded\n                 program offices informed of the         the FDIC\xe2\x80\x99s examination and resolution processes. The\n                 status and results of our inves-        alliances with the U.S. Attorneys\xe2\x80\x99 Offices have yielded\n                 tigative work impacting their           positive results during this reporting period.\n                 respective offices. We continued\n                                                         Our strong partnership has evolved from years of trust and\n                 to issue quarterly reports to\n                                                         hard work in pursuing offenders through parallel criminal\n                 DSC, DRR, Legal and the\n                                                         and civil remedies resulting in major successes, with\n                 Chairman\xe2\x80\x99s Office outlining\n                                                         harsh sanctions for the offenders. Our collective efforts\n                 activity and results in our cases\n                                                         have served as a deterrent to others contemplating crimi-\n                 involving closed and open banks,\n                                                         nal activity and helped maintain the public\xe2\x80\x99s confidence in\n                 and asset concealment and resti-\n                                                         the nation\xe2\x80\x99s financial system.\n                 tution cases. We continued to\n                 meet quarterly with DSC, DRR,           For the current reporting period, we are especially appre-\n                 and the Financial Crimes Unit to        ciative of the efforts of the Assistant U.S. Attorneys in the\n                 review ongoing cases of interest,       following offices: Southern District of Florida, Western Dis-\n                 and we coordinated routinely            trict of Wisconsin, District of Missouri, Eastern District of\n                 with these offices. As appropri-        Tennessee, Northern District of Illinois, Central District of\n                 ate, we briefed affected program        Illinois, Northern District of Texas, Southern District of\n                 officials regarding employee            Texas, Northern District of Iowa, District of Minnesota,\n                 cases.                                  District of Massachusetts, and the Western District of\n                                                         Oklahoma.\n             \xe2\x97\x8f   Reviewed and provided timely\n                 comments to corporate stake-\n                 holders on six corporate directives and circulars. Of note, we provided substantive com-\n                 ments on proposed policy regarding protection of privacy information about\n                 individuals, the FDIC\xe2\x80\x99s software configuration management policy, the FDIC personnel\n                 suitability program, and the FDIC enterprise risk management program.\n             \xe2\x97\x8f   Attended monthly meetings of the FDIC Audit Committee and presented the results of\n                 significant audit and evaluation assignments for consideration by Committee Members.\n             \xe2\x97\x8f   Communicated with the Chairman and Vice Chairman through the Inspector General\xe2\x80\x99s\n                 regularly scheduled meetings with them and in other forums.\n             \xe2\x97\x8f   Participated with other OIGs in the PCIE and Executive Council on Integrity and Effi-\n                 ciency through attendance at regular meetings and participation in ongoing activities in\n                 the Inspector General (IG) community, such as sharing investigative best practices,\n                 working on the community\xe2\x80\x99s new FISMA reporting framework, and responding to vari-\n                 ous surveys.\n             \xe2\x97\x8f   Met with representatives of the OIGs of the federal banking regulators (Federal Reserve\n                 Board, Department of the Treasury, and National Credit Union Administration) to dis-\n                 cuss audit and investigative matters of mutual interest.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06    5:07 PM   Page 38\n\n\n\n\n            38                                     SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                           \xe2\x97\x8f   Attended regular Assistant IG for Investigation meetings. OI representatives also regu-\n                               larly attended meetings of the National Bank Fraud Working Group and similar work-\n                               ing groups held throughout the country. OI participates in the Cyber Fraud and the\n                               Check Fraud working groups, subgroups of the Bank Fraud Working Group, attended\n                               by law enforcement, Department of Justice officials, and regulators.\n                           \xe2\x97\x8f   Held congressional briefings with Senate Banking Committee and House Financial Ser-\n                               vices staff on matters of mutual interest and kept them apprised of OIG progress in\n                               reporting on such issues as predatory lending and industrial loan companies.\n                           \xe2\x97\x8f   Briefed new IG on background of the OIG\xe2\x80\x99s Employee Advisory Group, a forum for\n                               employees to address concerns and provide ideas to the IG for improving business\n                               processes, employee relations, and working conditions. Scheduled early October meet-\n                               ing with the IG to continue the Employee Advisory Group forum.\n\n\n                      Investing in Cost-Effective, Secure IT to Enhance Performance and\n                      Productivity\n                           \xe2\x97\x8f   Continued work with the OIG component offices to post and/or update information\n                               on the FDIC OIG Internet and Intranet sites in the interest of facilitating internal work\n                               efforts and providing easily accessible information to parties external to our office who\n                               are interested in our office and the results of our work.\n                           \xe2\x97\x8f   Ensured that all OIG staff completed required Security Awareness and Privacy Act train-\n                               ing.\n                           \xe2\x97\x8f   Made the OIG Dashboard\n                               accessible to all OIG staff.\n                               The dashboard contains\n                               information supporting the\n                               OIG\xe2\x80\x99s strategic and perform-\n                               ance goals\xe2\x80\x94both qualitative\n                               and quantitative\xe2\x80\x94so that all\n                               staff can see the OIG\xe2\x80\x99s over-\n                               all progress in meeting those\n                               goals and the value of their\n                               individual contributions to\n                               the OIG mission.\n                           \xe2\x97\x8f   Took a number of measures\n                               in coordination with the\n                               Division of Information\n                               Technology to ensure the\n                               security and uninterrupted\n                               availability of OIG IT\n                               resources and data, including\n                               disseminating security-\n                               related tips and information\n                               to OIG staff on a regular\n                               basis.\n\x0c0064-FDIC_FDIC text .qxd    12/6/06     5:07 PM     Page 39\n\n\n\n\n                                         SEMIANNUAL REPORT TO THE CONGRESS                                           39\n\n\n\n                             Cumulative\n                 Cumulative Results (2-year period)Results             (2-year period)\n\n                                              Nonmonetary Recommendations\n\n                                                   October 2004 \xe2\x80\x93 March 2005            37\n                                                   April 2005 \xe2\x80\x93 September 2005          39\n                                                   October 2005 \xe2\x80\x93 March 2006            34\n                                                   April 2006 \xe2\x80\x93 September 2006          48\n\n\n                 Products Issued and Investigations Closed\n\n                 40                                                                              37\n\n\n                 30\n                                         23\n                                                                           20                                 21\n                 20           17                                                        18\n                                                              15\n                                                   11\n                 10\n\n                  0\n                           10/04\xe2\x80\x933/05 4/05\xe2\x80\x939/05 10/05\xe2\x80\x933/06 4/06\xe2\x80\x939/06     10/04\xe2\x80\x933/05 4/05\xe2\x80\x939/05 10/05\xe2\x80\x933/06 4/06\xe2\x80\x939/06\n                                   Audits and Evaluations                              Investigations\n\n\n                 Questioned Costs/Funds Put to Better Use (in millions)\n\n                 60\n                 50\n                 40\n                 30\n                 20\n                                11.9\n                 10                                                              4.9\n                                                          0.98                                            0\n                  0\n                            10/04\xe2\x80\x933/05                  4/05\xe2\x80\x939/05         10/05\xe2\x80\x933/06                  4/06\xe2\x80\x939/06\n\n\n                 Fines, Restitution, and Monetary Recoveries Resulting from OIG Investigations (in millions)\n\n                 40\n\n                 30                                                                                     27.2\n                                24.1\n\n                 20\n                                                                               12.8\n                 10                                        5.4\n\n                  0\n                            10/04\xe2\x80\x933/05                  4/05\xe2\x80\x939/05         10/05\xe2\x80\x933/06                  4/06\xe2\x80\x939/06\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 40\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 41\n\n\n\n\n               Fiscal Year 2006\n               Performance Report\n\n\n\n\n              This performance report presents an overview of our performance compared to our fiscal\n              year 2006 annual performance goals in our Business Plan. It provides a statistical summary\n              of our qualitative goals as well as a narrative summary of performance results by Strategic\n              Goal. It also shows our results in meeting a set of quantitative goals that we established for\n              the year. Our complete 2006 Business Plan is available at www.fdicig.gov.\n              We formulated six strategic goals, as shown in the table on the following page. Each of our\n              strategic goals, which are long-term efforts, has annual performance goals and key efforts\n              that represent our initiatives in fiscal year 2006 toward accomplishing the strategic goal.\n              The table reflects the number of performance goals that were Met, Substantially Met, or\n              Not Met. This determination was made through discussion at the OIG Executive level and\n              a qualitative assessment as to the impact and value of the audit, evaluation, investigation,\n              and other work of the OIG supporting these goals throughout the year.\n              As shown in the table, we met or substantially met all of our performance goals in fiscal year\n              2006. A discussion of our success in each of the 6 goals follows the table.\n\n\n\n\n                                                                                                               41\n\x0c0064-FDIC_FDIC text .qxd    12/6/06     5:07 PM   Page 42\n\n\n\n\n            42                                        SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                           Fiscal Year 2006 Annual Performance Goal Accomplishment\n                           (Number of Goals)\n                           Strategic Goals                           Met   Substantially   Not Met       Total\n                                                                               Met\n\n                           Supervision: Assist the\n                           FDIC to Ensure the Nation\xe2\x80\x99s\n                           Banks Operate Safely and Soundly           1         1                          2\n\n                           Insurance: Help the FDIC\n                           Maintain the Viability\n                           of the Insurance Funds                     2                                    2\n\n                           Consumer Protection:\n                           Assist the FDIC to Protect\n                           Consumer Rights and Ensure\n                           Community Reinvestment                     3                                    3\n\n                           Receivership Management:\n                           Help Ensure that the FDIC is Ready\n                           to Resolve Failed Banks and Effectively\n                           Manages Receiverships                      1         1                          2\n\n                           Resources Management:\n                           Promote Sound Governance\n                           and Effective Stewardship of\n                           Financial, Human, IT, and\n                           Procurement Resources                      3         2                          5\n\n                           OIG Internal Processes:\n                           Continuously Enhance\n                           the OIG\xe2\x80\x99s Business and\n                           Management Processes                       4         1                          5\n\n                           Total                                     14         5                         19\n\n                           Percentage                                74         26                        100\n\n\n\n\n                      Supervision: Assist the FDIC to Ensure the Nation\xe2\x80\x99s Banks\n                      Operate Safely and Soundly\n                      Our success in achieving this goal is largely due to our investigative activity. Some of our\n                      most significant cases involving financial institution fraud achieved impressive results. For-\n                      mer Community Bank of Blountsville executives and an excavating contractor received stiff\n                      sentences for conspiracy, bank fraud, and causing false entries in bank records. The former\n                      President of Hawkeye State Bank was sentenced to 65 months\xe2\x80\x99 incarceration and ordered to\n                      pay $3.6 million in restitution for theft, embezzlement, misapplication by a bank officer, and\n                      engaging in monetary transactions in property derived from unlawful activity. The former\n                      director and the former president of the Bank of Alamo, along with four bank customers,\n                      were indicted on charges of conspiracy, money laundering, and bank fraud. The former\n                      chairman of the board and chief executive officer of Hamilton Bank was sentenced to\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 43\n\n\n\n\n                                     SEMIANNUAL REPORT TO THE CONGRESS                                           43\n\n\n          30 years of incarceration and 36 months of supervised release. He had earlier been convicted\n          on all 16 charges of making false filings to the Securities and Exchange Commission and to\n          bank examiners, making false statements, wire fraud, bank fraud, securities fraud, obstruction\n          of a bank examination, and conspiracy. The former Hamilton Bank president and the former\n          chief financial officer also received stiff sentences for their roles in the fraud. In another case,\n          the former president of the First National Bank of Blanchardville, Wisconsin, was sentenced\n          to 108 months\xe2\x80\x99 incarceration to be followed by 5 years of supervised release and was ordered\n          to pay $13.4 million in restitution to the FDIC. Investigations also uncovered real-estate\n          fraud schemes involving property flips and other types of mortgage fraud that impacted\n          FDIC-supervised institutions. In another case, a securities broker was also sentenced to\n          60 months\xe2\x80\x99 probation and 6 months\xe2\x80\x99 home confinement after pleading guilty to obstructing\n          an examination of a financial institution.\n\n\n          Insurance: Help the FDIC maintain the viability of\n          the insurance funds\n          Several audit and evaluation assignments during the fiscal year focused on helping to main-\n          tain the viability of the insurance funds. We issued a report on the FDIC\xe2\x80\x99s risk-related\n          premium system leading to the Division of Insurance and Research\xe2\x80\x99s (DIR) considering\n          improvements to the assessment system to reflect changes in an institution\xe2\x80\x99s capital level\n          and examination composite ratings more frequently than semiannually. DIR will present\n          improvements to the FDIC Board in conjunction with changes resulting from deposit insur-\n          ance reform legislation. DIR committed to recommending assessment rates that better reflect\n          differences among FDIC-insured institutions and that would be most likely to keep the\n          insurance fund\xe2\x80\x99s reserve ratio within the range contemplated by legislation. We issued a\n          report on the FDIC\xe2\x80\x99s reserve ratio and assessments determination process, recommending\n          that the Corporation periodically validate key assumptions, estimates, or other components\n          that factor into the calculation of the reserve ratio. Importantly, in connection with corpo-\n          rate governance practices, in that same report, we recommended improved communication of\n          information relevant to assessment determinations and other corporate matters and activities\n          to the FDIC Board of Directors. In response, the FDIC undertook an extensive review of\n          delegations of authority. In another evaluation report on the industrial loan company insur-\n          ance application process, we made six recommendations to strengthen that process and subse-\n          quent monitoring of conditions imposed on industrial loan companies and business\n          processes.\n\n\n          Consumer Protection: Assist the FDIC to protect consumer rights\n          and ensure community reinvestment\n          Audits and investigations contributed to the FDIC\xe2\x80\x99s protection of consumers in multiple\n          ways. As a result of our audit of the challenges and FDIC efforts related to predatory lend-\n          ing, we recommended that the FDIC describe in policy its overall approach to addressing\n          predatory lending and review existing examiner, financial institution, and consumer guidance\n          to see if more guidance is needed to address risks associated with such lending. We also\n          issued a report on the implementation of the Gramm-Leach-Bliley Act and Fair and Accurate\n          Credit Transaction (FACT) Act with recommendations to enhance assurance that institutions\n          are taking steps to prevent identity theft to the extent intended by the FACT Act and to\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 44\n\n\n\n\n            44                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      encourage the FDIC to coordinate with the joint agency rulemaking committee to expedite\n                      issuance of final rules and regulations for all of the Act\xe2\x80\x99s provisions. Two other reports\n                      included recommendations to ensure better protection of sensitive customer information.\n                      One of these reports related to the risks of financial institutions\xe2\x80\x99 increased outsourcing of\n                      software development and maintenance, data processing, and other information technology\n                      services to technology service providers and the FDIC\xe2\x80\x99s related examination coverage. The\n                      other audit examined the FDIC Division of Resolutions and Receiverships\xe2\x80\x99 protection of\n                      bank employee and customer personally identifiable information. To further protect con-\n                      sumers, our Electronic Crimes Unit responded to multiple phishing schemes where the FDIC\n                      and OIG Web sites were misused to entice consumers to divulge personal information. We\n                      successfully shut down several Web sites used for such purposes. We also continued efforts\n                      to curtail misrepresentation of FDIC insurance. As a result of one of our investigations, a\n                      foreign currency trader pleaded guilty to multiple counts of wire fraud and two counts of for-\n                      gery and counterfeiting official seals of the United States, including the FDIC logo. He was\n                      sentenced to 5 years\xe2\x80\x99 incarceration and ordered to pay over $5 million in restitution to his\n                      victims. From a compliance standpoint, we assessed examiner use of Home Mortgage Disclo-\n                      sure Act data to identify and assess instances of potential discrimination in FDIC-supervised\n                      institutions and recommended strengthening examiner guidance. We also identified needed\n                      improvements in the FDIC\xe2\x80\x99s process for addressing the violations and deficiencies reported in\n                      compliance examinations.\n\n\n                      Receivership Management: Help ensure that the FDIC is ready to\n                      resolve failed banks and effectively manages receiverships\n                      We reported that with respect to the Corporation\xe2\x80\x99s Board-approved $31.8 million asset serv-\n                      icing technology enhancement project (ASTEP), the project management team developed\n                      planning documents and implemented activities that complied with project management\n                      guidance in line with the status of the project. We recommended that as the project advanced\n                      and was rebaselined, strengthening project management controls would facilitate decision-\n                      making and help ensure ASTEP met user needs effectively and efficiently. Other audit work\n                      determined that the Corporation established and implemented an effective system for track-\n                      ing and recovering unclaimed deposits. We pursued concealment of assets investigations\n                      related to the more than $1.7 billion in criminal restitution that the FDIC is owed. In one\n                      such successful case, the former chief executive officer of Sunbelt Savings Bank was convicted\n                      on all 27 counts of an indictment charging him with mail fraud, false statements, conceal-\n                      ment of assets, and money laundering. He was also subject to more than $2 million in cash\n                      forfeitures.\n\n\n\n\n                      Resources Management: Promote sound governance and effective\n                      stewardship of financial, human, IT, and procurement resources\n                      We issued a number of audit reports resulting in positive benefits to the FDIC, for example,\n                      strengthening the Corporation\xe2\x80\x99s privacy program for protecting personal employee informa-\n                      tion; establishing a more effective discrimination complaint resolution process; helping\n                      ensure an efficient, effective, and accountable FDIC contract administration process;\n                      strengthening the Corporation\xe2\x80\x99s emergency response program; enhancing controls over the\n                      disposal of sensitive FDIC information; enhancing wireless security policies and procedures\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 45\n\n\n\n\n                                     SEMIANNUAL REPORT TO THE CONGRESS                                       45\n\n\n          and restricting access to critical software programs designed to safeguard wireless communica-\n          tions; and strengthening the FDIC\xe2\x80\x99s certification and accreditation program to better secure\n          corporate operations and assets. Our Federal Information Security Management Act-related\n          work for 2006 reported that the FDIC had made significant progress over the last several\n          years but continued attention was needed in such areas as enterprise architecture, configura-\n          tion management, access controls, and audit and accountability controls. We also continued\n          efforts to ensure employee integrity and heighten awareness of unacceptable or unethical\n          behavior as evidenced by our success in investigating a former FDIC intern\xe2\x80\x99s conspiracy to\n          commit bank fraud and identity theft of FDIC employees. The former intern was sentenced\n          to 60 months\xe2\x80\x99 imprisonment and ordered to make restitution of over $630,000.\n\n\n          OIG Internal Processes: Continuously enhance the OIG\xe2\x80\x99s business\n          and management processes\n          We strengthened our focus on strategically planning OIG work, resulting in issuance of our\n          fiscal year 2006 Audit Plan and 2006 Business Plan, which combined our strategic plan and\n          performance plan. These plans were designed to unify, guide, and integrate OIG activities in\n          pursuit of our six strategic goals. We promoted effective stakeholder relationships and infor-\n          mation-sharing by way of OIG Executive meetings with FDIC Executives; presentations at\n          FDIC Audit Committee meetings; Congressional interaction; and coordination with finan-\n          cial regulatory OIGs, other members of the Inspector General community, and the Govern-\n          ment Accountability Office. We reviewed and/or commented on 14 proposed corporate\n          policies (e.g., Employee Rights and Responsibilities under the Privacy Act of 1974, Encryp-\n          tion and Digital Signatures for Electronic Mail, Protection of Privacy Information, the\n          FDIC\xe2\x80\x99s Software Configuration Management Program, and Enterprise Risk Management)\n          and four draft legislative documents and regulations. We focused on continuously enhancing\n          the OIG\xe2\x80\x99s business and management processes by strengthening the OIG\xe2\x80\x99s human capital\n          practices, taking steps to better ensure the quality of OIG activities and products, and invest-\n          ing in cost-effective and secure information technology to improve performance and produc-\n          tivity.\n\x0c0064-FDIC_FDIC text .qxd    12/6/06    5:07 PM      Page 46\n\n\n\n\n            46                                           SEMIANNUAL REPORT TO THE CONGRESS\n\n\n\n                           Achievement of Fiscal Year 2006 Quantitative Performance\n                           Measures\n\n                      Performance Measure                                                       Status               FY 2006              FY 2006\n                                                                                                                      Actual               Target\n                                                    \xe2\x96\xa0\n                      Financial Benefit Return                                                    Met                 196%                  100%\n                                       \xe2\x97\x8f\n                      Other Benefits                                                              Met                   127                   70\n                                                                     \xe2\x96\xbc\n                      Past Recommendations Implemented                                   Substantially Met             93%                  95%\n                      Audit/Evaluation Reports Issued                                    Substantially Met              26                    30\n                      Average Elapsed Calendar Days to Issue\n                      Final Audit/Evaluation Report                                            Not Met                  239                  180\n                                                \xe2\x97\x86\n                      Investigative Actions                                                       Met                   169                  120\n                      Closed Investigations Resulting in Reports to\n                      Management, Convictions, Civil Actions, or\n                      Administrative Actions                                                      Met                  84%                  80%\n                      Investigations Accepted for Prosecution Resulting\n                      in Convictions, Pleas, and/or Settlements                          Substantially Met             67%                  70%\n                      Investigation Reports Issued Within\n                      30 Days After Completing Case                                      Substantially Met             98%                  100%\n\n\n\n                       \xe2\x96\xa0 Includes all financial benefits, including audit-related questioned costs; recommendations for better use of funds; and\n                         investigative fines, restitution, settlements, and other monetary recoveries divided by OIG\xe2\x80\x99s total fiscal year budget obliga-\n                         tions.\n                       \xe2\x97\x8f Benefits to the FDIC that cannot be estimated in dollar terms that result in improved services; statutes, regulations, or\n                         policies; or business operations and occurring as a result of work that the OIG has completed over the past several years.\n                         Includes outcomes from implementation of OIG audit/evaluation recommendations.\n                       \xe2\x96\xbc Fiscal year 2004 recommendations implemented by fiscal year-end 2006.\n\n                       \xe2\x97\x86 Indictments, convictions, informations, arrests, pre-trial diversions, criminal non-monetary sentencings, monetary\n                          actions, employee actions, and other administrative actions.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 47\n\n\n\n\n               Reporting Requirements\n\n\n\n\n              Index of Reporting Requirements -\n              Inspector General Act of 1978, as amended\n              REPORTING REQUIREMENTS                                                         PAGE\n\n\n              Section 4(a)(2): Review of legislation and regulations                           49\n\n\n              Section 5(a)(1): Significant problems, abuses, and deficiencies                5-34\n\n\n              Section 5(a)(2): Recommendations with respect to significant\n                               problems, abuses, and deficiencies                            5-34\n\n\n              Section 5(a)(3): Recommendations described in previous semiannual\n                               reports on which corrective action has not been completed       49\n\n\n              Section 5(a)(4): Matters referred to prosecutive authorities                      4\n\n\n              Section 5(a)(5) and 6(b)(2): Summary of instances where\n                                           requested information was refused                   56\n\n\n              Section 5(a)(6): Listing of audit reports                                        53\n\n\n              Section 5(a)(7): Summary of particularly significant reports                   5-34\n\n\n              Section 5(a)(8): Statistical table showing the total number of audit reports\n                               and the total dollar value of questioned costs                  55\n\n\n                                                                                                    47\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 48\n\n\n\n\n            48                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      Section 5(a)(9): Statistical table showing the total number of audit reports and the\n                                       total dollar value of recommendations that funds be put to better use   55\n\n\n                      Section 5(a)(10): Audit recommendations more than 6 months old for\n                                        which no management decision has been made                             56\n\n\n                      Section 5(a)(11): Significant revised management decisions during the\n                                         current reporting period                                              56\n\n\n                      Section 5(a)(12): Significant management decisions with which\n                                        the OIG disagreed                                                      56\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 49\n\n\n\n\n               Information Required by\n               the Inspector General\n               Act of 1978, as amended\n\n\n\n\n              Review of Legislation and Regulations\n              The FDIC OIG is tasked under the Inspector General Act of 1978 with reviewing\n              existing and proposed legislation and regulations relating to programs and operations\n              of the Corporation and making recommendations in semiannual reports concerning\n              the impact of such legislation or regulations on the economy and efficiency in the\n              administration of programs and operations administered or financed by the Corpora-\n              tion or the prevention and detection of fraud and abuse in its programs and operations.\n              The Office of Counsel reviewed and provided comments on draft final deposit insur-\n              ance regulations establishing higher deposit insurance limits on retirement accounts.\n              The Office of Counsel also reviewed the Office of Management and Budget\xe2\x80\x99s final reg-\n              ulations under the NO FEAR Act to determine the implications of reimbursing the\n              Judgment Fund for discrimination or whistleblower judgments, awards, or settlements,\n              but provided no comments. Further, Counsel\xe2\x80\x99s Office began tracking legislative devel-\n              opments relating to the Privacy Act and security concerns regarding the presence of\n              personally identifiable information on government computers.\n\n              Table I: Significant Recommendations From Previous Semiannual\n              Reports on Which Corrective Actions Have Not Been Completed\n              This table shows the corrective actions management has agreed to implement but has\n              not completed, along with associated monetary amounts. In some cases, these correc-\n              tive actions are different from the initial recommendations made in the audit reports.\n              However, the OIG has agreed that the planned actions meet the intent of the initial\n              recommendations. The information in this table is based on (1) information supplied\n              by FDIC\xe2\x80\x99s Office of Enterprise Risk Management (OERM) and (2) the OIG\xe2\x80\x99s determi-\n              nation of closed recommendations for reports issued after March 31, 2002. These 21\n              recommendations from 12 reports involve improvements in operations and programs.\n              OERM has categorized the status of these recommendations as follows:\n\n              Management Action in Process:\n              (21 recommendations from 12 reports)\n              Management is in the process of implementing the corrective action plan, which may\n              include modifications to policies, procedures, systems or controls; issues involving      49\n              monetary collection; and settlement negotiations in process.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 50\n\n\n\n\n            50                                      SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      Significant Recommendations From Previous Semiannual Reports\n                      on Which Corrective Actions Have Not Been Completed\n\n                       Report Number,                 Significant             Brief Summary of Planned\n                       Title & Date                   Recommendation Number   Corrective Actions\n\n                                         M ANAGE M E NT           ACT ION       IN    P R O C ESS\n\n                                                      \xe2\x96\xa0\n                       03-030                         4                       Allow only approved FDIC workstations to\n                       Remote Access Systems                                  authenticate to the network.\n                       Review\n                       June 5, 2003\n\n\n                       04-019                         1                       Integrate the key project management\n                       Enhancements to the FDIC                               activities identified in the Project Manage-\n                       System Development Life                                ment Institute\xe2\x80\x99s A Guide to the Project\n                       Cycle Methodology                                      Management Body of Knowledge\n                       April 30, 2004                                         (PMBOK) with the development process.\n\n\n\n                                                      3                       Align systems development with the FDIC\xe2\x80\x99s\n                                                                              Enterprise Architecture, establish how\n                                                                              funding will be reviewed and provided in\n                                                                              an iterative development environment, and\n                                                                              update cost-benefit analysis during the life\n                                                                              cycle of the system.\n\n\n                       04-039                                                 Document specific capital investment-\n                                                      8\n                       FDIC\xe2\x80\x99s Capital Investment                              related information, including information\n                       Management Review                                      about steady state investments.\n                       Process for Information\n                       Technology Investments\n                       September 23, 2004\n\n\n                       05-016                         1                       Ensure that division and office directors\n                       Security Controls Over the                             provide FDIC employees and contractors\n                       FDIC\xe2\x80\x99s Electronic Mail                                 with sufficiently detailed guidance to facil-\n                       (E-Mail) Infrastructure                                itate informed decisions on when to\n                       March 31, 2005                                         encrypt sensitive e-mail communications.\n\n                                                      \xe2\x97\x8f\n                                                      2                       Evaluate alternative solutions to augment\n                                                                              the current implementation of\n                                                                              Entrust/Express for securing sensitive\n                                                                              e-mail communications.\n\n\n                                                      3                       Evaluate the feasibility of implementing an\n                                                                              e-mail policy compliance tool to achieve\n                                                                              greater assurance that sensitive communi-\n                                                                              cations are encrypted when appropriate.\n\x0c0064-FDIC_FDIC text .qxd    12/6/06      5:07 PM    Page 51\n\n\n\n\n                                         SEMIANNUAL REPORT TO THE CONGRESS                                            51\n\n\n           Report Number,                   Significant                 Brief Summary of Planned\n           Title & Date                     Recommendation Number       Corrective Actions\n\n                             MANAGE M E NT                    ACT ION     IN    P R OCE S S\n\n                                             \xe2\x96\xa0\n                                            5                           Develop a security plan for the e-mail\n                                                                        infrastructure that defines the FDIC\xe2\x80\x99s\n                                                                        security requirements and existing and\n                                                                        planned controls for ensuring those\n                                                                        requirements are satisfied.\n\n                                                                        Establish a policy that takes an enterprise\n           05-031                           1                           approach to defining the roles, responsi-\n           FDIC\xe2\x80\x99s Information Technol-                                  bilities, and overall principles and man-\n           ogy Configuration Manage-                                    agement expectations for performing\n           ment Controls Over                                           configuration management on operating\n           Operating System Software                                    system software.\n           September 8, 2005\n\n                                            2                           Develop configuration management\n                                                                        plan(s) covering the four operating system\n                                                                        software platforms addressed in this\n                                                                        report consistent with federal standards\n                                                                        and guidelines and industry-accepted\n                                                                        practices.\n                                                \xe2\x96\xa0\n           05-037                           2                           Develop and implement a software config-\n           Controls Over the Risk-                                      uration management plan for the Risk-\n           Related Premium System                                       Related Premium System that incorporates\n           September 23, 2005                                           the appropriate features of StarTeam.\n\n           06-004                                                       Fully document costs and benefits in\n           Project Management Frame-        1\xe2\x97\x8f\n                                                                        updating the ASTEP solution through cur-\n           work for the Asset Servicing                                 rent re-baselining efforts, including\n           Technology Enhancement                                       addressing key activities associated with\n           Project (ASTEP)                                              specified costs.\n           December 16, 2005\n                                             \xe2\x96\xbc\n           06-005                           1                           Develop and issue an overarching privacy\n           FDIC Safeguards Over Per-                                    policy for safeguarding personal employee\n           sonal Employee Information                                   information.\n           January 6, 2006\n\n           06-008                           1                           Pursue revisions to Part 327 and related\n           Consideration of Safety and                                  implementing procedures to permit Capital\n           Soundness Examination                                        Group adjustments during the Risk-Related\n           Results and Other Relevant                                   Premium System (RRPS) process.\n           Information in the FDIC\xe2\x80\x99s\n           Risk-Related Premium\n           System\n           February 17, 2006\n\n                                            2                           Update the analysis supporting the basis\n                                                                        point rate spreads applied to the assess-\n                                                                        ment rate matrix for deposit insurance\n                                                                        funds.\n\n                                            3\xe2\x96\xbc\n                                                                        Present the updated analysis as part of the\n                                                                        assessment rate cases to the Board with\n                                                                        recommendations for assessment rates for\n                                                                        financial institutions based on their\n                                                                        assessment risk classification.\n\x0c0064-FDIC_FDIC text .qxd     12/6/06    5:07 PM    Page 52\n\n\n\n\n            52                                         SEMIANNUAL REPORT TO THE CONGRESS\n\n\n\n                       Report Number,                      Significant                    Brief Summary of Planned\n                       Title & Date                        Recommendation Number          Corrective Actions\n\n                                             M ANAGE M E NT                ACT ION           IN    P R O C ESS\n\n                                                            \xe2\x96\xbc\n                                                           4                              Establish a schedule for periodically\n                                                                                          updating the assessment rate analysis and\n                                                                                          reassessing the basis point spreads and\n                                                                                          assessment rates, as needed.\n\n\n                       06-009                              1\xe2\x96\xbc\n                                                                                          Finalize interim examination guidance that\n                       FDIC\xe2\x80\x99s Guidance to Institu-                                        addresses FACT Act provisions for which\n                       tions and Examiners for                                            final rules and regulations have been\n                       Implementing the Gramm-                                            issued or that are self-executing.\n                       Leach-Bliley Act Title V and\n                       Fair and Accurate Credit\n                       Transactions (FACT) Act\n                       February 24, 2006\n\n                                                           2\xe2\x96\xbc                             Develop a more aggressive project man-\n                                                                                          agement plan that will expedite the\n                                                                                          issuance of final rules and regulations for\n                                                                                          all FACT Act provisions.\n\n\n                       06-010                              3\xe2\x97\x8f                             Prior to the next contract option period,\n                       Consolidated Facilities                                            perform an assessment to determine if the\n                       Management Approach                                                Consolidated Facilities Management con-\n                       March 30, 2006                                                     tract is achieving intended benefits,\n                                                                                          including small business participation.\n\n\n\n                       06-012                              3                              Establish and implement a procedure for\n                       Security Controls Over the                                         periodically reviewing and testing critical\n                       FDIC\xe2\x80\x99s Wireless Data                                               security software programs on the FDIC\xe2\x80\x99s\n                       March 31, 2006                                                     wireless-enabled laptop computers to\n                                                                                          ensure that user permissions are appropri-\n                                                                                          ately restricted.\n\n\n\n                      \xe2\x96\xa0    The OIG has not received information necessary to evaluate management\xe2\x80\x99s actions in response to the rec-\n                           ommendation.\n                      \xe2\x97\x8f    The OIG has received some information but has requested additional information to evaluate management\xe2\x80\x99s\n                           actions in response to the recommendation.\n                      \xe2\x96\xbc    Implementation scheduled for December 2006.\n\x0c0064-FDIC_FDIC text .qxd    12/6/06       5:07 PM   Page 53\n\n\n\n\n                                           SEMIANNUAL REPORT TO THE CONGRESS                                            53\n\n\n                      Table II: Audit Reports Issued by Subject Area\n\n                                          AUDIT REPORT                                      QUESTIONED COSTS\n                                                                                                                   FUNDS\n                                                                                                                   PUT TO\n                           Number and                    Title                          Total        Unsupported   BETTER\n                           Date\n                                                                                                                   USE\n                       I N S U R A N C E\n\n                           06-013                        FDIC Reserve Ratio and\n                           April 17, 2006                Assessment Determinations\n\n\n                           EVAL-06-014                   FDIC\xe2\x80\x99s Industrial Loan Com-\n                           July 20, 2006                 pany Deposit Insurance\n                                                         Application Process\n\n                       C O N S U M E R         P R O T E C T I O N\n\n                           06-010                        Challenges and FDIC Efforts\n                           June 7, 2006                  Related to Predatory\n                                                         Lending\n\n\n                           06-015                        FDIC\xe2\x80\x99s Oversight of Technol-\n                           July 20, 2006                 ogy Service Providers\n\n\n                           06-023                        Examiner Use of Home\n                           September 28, 2006            Mortgage Disclosure Act\n                                                         Data to Identify Potential\n                                                         Discrimination\n\n                           06-024                        Division of Supervision and\n                           September 29, 2006            Consumer Protection\xe2\x80\x99s\n                                                         Supervisory Actions Taken\n                                                         for Compliance Violations\n\n\n                           06-017                        DRR\xe2\x80\x99s Protection of Bank\n                           September 15, 2006            Employee and Customer\n                                                         Personally Identifiable\n                                                         Information\n\n\n                       R E S O U R C E S        M A N A G E M E N T\n\n\n                           06-016                        Controls Over the Disposal\n                           August 10, 2006               of Sensitive FDIC Informa-\n                                                         tion by Iron Mountain, Inc.\n                                                                                        $3,389,962\n                           06-018                        Response to Privacy Pro-\n                           September 22, 2006            gram Information Request in\n                                                         OMB\xe2\x80\x99s Fiscal Year 2006                      $3,016,407\n                                                         Reporting Instructions for\n                                                         FISMA and Agency Privacy\n                                                         Management\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM    Page 54\n\n\n\n\n            54                                     SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      Table II: Audit Reports Issued by Subject Area\n                                     AUDIT REPORT                                           QUESTIONED COSTS\n                                                                                                                   FUNDS\n                                                                                                                   PUT TO\n                           Number and                 Title                            Total         Unsupported\n                           Date                                                                                    BETTER\n                                                                                                                   USE\n                       R E S O U R C E S    M A N A G E M E N T     ( C O N T I N U E D )\n\n                           06-019                    Responses to Security-Related\n                           September 22, 2006        Questions in OMB\xe2\x80\x99s Fiscal Year\n                                                     2006 Reporting Instructions for\n                                                     FISMA and Agency Privacy\n                                                     Management\n\n\n\n                           06-020                    FDIC\xe2\x80\x99s Efforts to Comply with\n                           September 25, 2006        OMB Memorandum M-06-16,\n                                                     Protection of Sensitive Agency\n                                                     Information\n\n\n\n                           06-022                    Independent Evaluation of the\n                           September 27, 2006        FDIC\xe2\x80\x99s Information Security\n                                                     Program - 2006\n\n\n                           06-025                    Controls for Monitoring Access\n                           September 29, 2006        to Sensitive Information\n                                                     Processed by FDIC Applica-\n                                                     tions\n\n\n\n                           EVAL-06-021               FDIC\xe2\x80\x99s Emergency Response\n                           September 22, 2006        Plans\n\n\n                           EVAL-06-026               FDIC\xe2\x80\x99s Contract Administration\n                           September 29, 2006\n\n\n\n\n                           TOTALS FOR THE PERIOD                                       $0            $0            $0\n\x0c0064-FDIC_FDIC text .qxd      12/6/06     5:07 PM      Page 55\n\n\n\n\n                                           SEMIANNUAL REPORT TO THE CONGRESS                                                               55\n\n\n           Table III: Audit Reports Issued with Questioned Costs\n                                                                                                    Questioned Costs\n                                                                       Number\n                                                                                              Total              Unsupported\n\n\n             A. For which no management decision has\n                been made by the commencement of the\n                reporting period.                                          3             $3,888,723                    $3,036,407\n\n             B. Which were issued during the reporting\n                period.                                                    0             $0                            $0\n\n\n             Subtotals of A & B                                            3             $3,888,723                    $3,036,407\n\n             C. For which a management decision was\n                made during the reporting period.                          3             $3,888,723                    $3,036,407\n                     (i) dollar value of disallowed costs.                 1             $45,830                       0\n                     (ii) dollar value of costs not\n                                                                            \xe2\x97\x8f\n                          disallowed.                                      3             $3,842,893                    $3,036,407\n\n             D. For which no management decision has\n                been made by the end of the reporting\n                period.                                                    0             $0                            $0\n\n                Reports for which no management decision\n                was made within 6 months of issuance.                      0             $0                            $0\n\n           \xe2\x97\x8f One report included on the line for costs not disallowed is also included in the line for costs disallowed, because manage-\n           ment did not agree with some of the questioned costs.\n\n           Table IV: Audit Reports Issued with Recommendations for\n                     Better Use of Funds\n                                                                                                         Number             Dollar Value\n\n\n             A. For which no management decision has been made by the commence-\n                ment of the reporting period.                                                              0                 $0\n\n             B. Which were issued during the reporting period.                                             0                 $0\n\n             Subtotals of A & B                                                                            0                 $0\n\n             C. For which a management decision was made during the reporting period.                      0                 $0\n                       (i) dollar value of recommendations that were agreed to by\n                           management.                                                                     0                 $0\n                                  - based on proposed management action.                                   0                 $0\n                                  - based on proposed legislative action.                                  0                 $0\n                       (ii) dollar value of recommendations that were not agreed to by\n                            management.                                                                    0                 $0\n\n             D. For which no management decision has been made by the end of the\n                reporting period.                                                                          0                 $0\n\n             E. Reports for which no management decision was made within\n                6 months of issuance.                                                                      0                 $0\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 56\n\n\n\n\n            56                                    SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                      Table V: Status of OIG Recommendations\n                               Without Management Decisions\n                      During this reporting period, there were no recommendations more than 6 months old with-\n                      out management decisions.\n\n\n                      Table VI: Significant Revised Management Decisions\n                      During this reporting period, there were no significant revised management decisions.\n\n\n                      Table VII: Significant Management Decisions with Which\n                                 the OIG Disagreed\n                      During this reporting period, there were no significant management decisions with which the\n                      OIG disagreed.\n\n\n                      Table VIII: Instances Where Information Was Refused\n                      During this reporting period, there were no instances where information was refused.\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 57\n\n\n\n\n               Abbreviations and\n               Acronyms\n\n\n\n\n                   ANB                   American National Bank\n                   ASB                   Acquisition Services Branch\n                   COO                   chief operations officer\n                   CRA                   Community Reinvestment Act\n                   DOA                   Division of Administration\n                   DRR                   Division of Resolutions and Receiverships\n                   DSC                   Division of Supervision and Consumer Protection\n                   ECU                   Electronic Crimes Unit\n                   ERP                   emergency response plans\n                   FBI                   Federal Bureau of Investigation\n                   FDIC                  Federal Deposit Insurance Corporation\n                   FFIEC                 Federal Financial Institutions Examination Council\n                   FISMA                 Federal Information Security Management Act of 2002\n                   FNBB                  First National Bank of Blanchardville\n                   FSA                   Farm Service Agency\n                   HMDA                  Home Mortgage Disclosure Act\n                   HQ                    Washington Area Headquarters Offices\n                   IG                    Inspector General\n                   IIF                   information in an identifiable form\n\n\n                                                                                               57\n\x0c0064-FDIC_FDIC text .qxd    12/6/06   5:07 PM   Page 58\n\n\n\n\n            58                                     SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                           ILC                  industrial loan company\n                           IT                   Information Technology\n                           OCC                  Office of the Comptroller of the Currency\n                           OERM                 Office of Enterprise Risk Management\n                           OI                   Office of Investigations\n                           OIG                  Office of Inspector General\n                           OMB                  Office of Management and Budget\n                           PCIE                 President\xe2\x80\x99s Council on Integrity and Efficiency\n                           TSP                  technology service provider\n                           ViSION               Virtual Supervisory Information On the Net system\n\x0c0064-FDIC_FDIC text .qxd       12/6/06       5:07 PM       Page 59\n\n\n\n\n               OIG Staff Honored\n               at Awards Ceremony\n\n\n\n\n              Each year, the Inspector General community presents awards for excellence to honor\n              those individuals whose distinguished work helps to promote economy, efficiency, and\n              effectiveness in their agency\xe2\x80\x99s programs and prevent and detect fraud, waste, and abuse.\n              The 2006 Awards Ceremony of the President\xe2\x80\x99s Council on Integrity and Efficiency and\n              the Executive Council on Integrity and Efficiency was held at Andrew W. Mellon Audi-\n              torium on October 24, 2006, and three teams led by staff of the FDIC OIG received\n              Awards for Excellence. The OIG is proud of the following recipients of these awards:\n\n                                                                                          The evaluation team of Marshall\n                                                                                          Gentry, Ann Lewis, Loretta Weibel,\n                                                                                          Tom Ritz, Erin Shea, and Chris\n                                                                                          Gieseler for their outstanding work\n                                                                                          on the evaluation of FDIC safe-\n                                                                                          guards over personal employee\n                                                                                          information.\n\n\n\n\n               Left to right: Rus Rau, Chris Gieseler, Tom Ritz, Loretta Weibel, Ann\n               Lewis, Marshall Gentry, Erin Shea, Steve Beard, Jon Rymer\n\n\n              The investigative team of Michael\n              Rexrode and Charlie Price (Special\n              Agent, FBI) for their outstanding\n              efforts in investigating a conspiracy\n              to commit bank fraud and identity\n              theft.\n\n\n\n\n                                                                           Left to right: Fred Gibson, Mike Rexrode, Jon Rymer\n                                                                           (not pictured, Charlie Price)                         59\n\x0c0064-FDIC_FDIC text .qxd   12/6/06      5:07 PM       Page 60\n\n\n\n\n            60                                            SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                                                                                               The investigative team of Ken Meyd, David\n                                                                                               Beck (Senior Attorney, FDIC), and Joseph\n                                                                                               Revesz (Assistant U.S. Attorney) for their\n                                                                                               outstanding work in investigating and pros-\n                                                                                               ecuting illegal concealment of assets.\n\n\n\n\n                      Left to right: Fred Gibson, David Beck, Ken Meyd, Jon Rymer (not\n                      pictured, Joseph Revesz)\n\n\n\n\n                      Charles Chisolm, a Special Agent from the\n                      OIG\xe2\x80\x99s Dallas office, received an award for\n                      excellence for his work on a joint investiga-\n                      tion with the Department of Agriculture\n                      OIG of an individual involved in violating\n                      the Packers & Stockyards Act.\n\n\n\n\n                                                                                         Left to right: Fred Gibson, Charles Chisolm, Jon Rymer\n\x0c0064-FDIC_FDIC text .qxd   12/6/06   5:07 PM   Page 61\n\n\n\n\n               CONGRATULATIONS\n\n\n\n\n              Retirees\n              The OIG appreciates the many years of public service of three members of our staff\n              who retired during the reporting period.\n              Paul Johnston, Senior Audit Specialist, retired after nearly 32 years of federal service.\n              His career began in the Army Corps of Engineers and later included work as an\n              accountant and auditor at the U.S. Department of Agriculture and U.S. Information\n              Agency Offices of Inspector General. He joined the FDIC OIG in 1991.\n              Mike Walker, Senior IT Specialist, retired after more than 35 years of federal service.\n              His career began as an Army Lieutenant followed by his promotion to Captain. In\n              1974 he became an auditor at the Naval Supply Center, Norfolk, Virginia, and later\n              moved on to the General Accounting Office (now the Government Accountability\n              Office). He worked at the Community Services Administration, Department of Trans-\n              portation, and Department of Housing and Urban Development Offices of Inspector\n              General prior to joining the FDIC OIG in 2003.\n              Joan Green, Investigative Assistant in the OIG\xe2\x80\x99s Atlanta office, retired after more than\n              33 years of federal service. Her career began with the U.S. Army in Ft. Jackson, South\n              Carolina, and included service with the Department of Defense, Defense Criminal\n              Investigative Service, and finally with the Offices of Inspector General of the Resolu-\n              tion Trust Corporation and the Federal Deposit Insurance Corporation. We appreciate\n              Joan\xe2\x80\x99s dedicated assistance to OIG investigators over the past 15 years.\n\n\n\n\n                                                                                                          61\n\x0c0064-FDIC_FDIC text .qxd     12/6/06       5:07 PM      Page 62\n\n\n\n\n            62                                               SEMIANNUAL REPORT TO THE CONGRESS\n\n\n                                                                                                     Hamilton Bank Investigative\n                                                                                                     Team\n                                                                                                     The OIG acknowledged the outstanding\n                                                                                                     efforts of a team of individuals from the\n                                                                                                     U.S. Attorney\xe2\x80\x99s Office of the Southern\n                                                                                                     District of Florida for their efforts in the\n                                                                                                     successful prosecution of the former chair-\n                                                                                                     man of the board and chief executive\n                                                                                                     officer of Hamilton Bank.\n\n                           Pictured here are members of the U.S. Attorney\xe2\x80\x99s team with IG Jon\n                           Rymer and others from FDIC OIG management.\n\n\n\n\n                       OIG Investigators\n                                                                                                    OIG Special Agent Alan Butler received\n                                                                                                    an award from FBI Special Agent in\n                                                                                                    Charge, Memphis Division, My Harrison,\n                                                                                                    for his outstanding assistance in the suc-\n                                                                                                    cessful case of the Bank of Alamo Failure.\n                                                                                                    Also recognized were members of the OIG\xe2\x80\x99s\n                                                                                                    Electronic Crimes Unit, Jay Chappell,\n                                                                                                    Special Agent in Charge, and Lance Endy,\n                                                                                                    Special Agent.\n\n\n                           Left to right: Alan Butler, Jay Chappell, My Harrison, Lance Endy\n\n\n\n                       OIG Special Agent Jason Moran received\n                       an award for Special Achievement in Iden-\n                       tity Theft and Financial Investigations at\n                       the Southeastern IG Counsel awards cere-\n                       mony. Special Agent Moran was cited for\n                       his work on a case involving Colony Bank\n                       of Fitzgerald and the indictments and\n                       arrests of six defendants.\n\n\n\n                                                                                               Left to right: Tom McDade, Jason Moran, Phil Robertson, Eastern\n                                                                                               Region OI.\n\x0c00064-FDIC-cover final.qxd   12/6/06   5:11 PM   Page 4\n\x0c00064-FDIC-cover final.qxd   12/6/06   5:11 PM   Page 1\n\n\n\n\n                                       The Office of Inspector General (OIG) Hotline is a convenient mechanism\n                                       employees, contractors, and others can use to report instances of suspected fraud,\n                                       waste, abuse, and mismanagement within the FDIC and its contractor operations.\n                                       The OIG maintains a toll-free, nationwide Hotline (1-800-964-FDIC), electronic\n                                       mail address (IGhotline@FDIC.gov), and postal mailing address. The Hotline is\n                                       designed to make it easy for employees and contractors to join with the OIG in its\n                                       efforts to prevent fraud, waste, abuse, and mismanagement that could threaten the\n                                       success of FDIC programs or operations.\n\n\n\n\n                                       To learn more about the FDIC OIG and for complete copies of audit\n                                       and evaluation reports discussed in this Semiannual Report, visit our\n                                       homepage: http://www.fdicig.gov\n\n\n\n\n                                       Federal Deposit Insurance Corporation\n                                       Office of Inspector General\n                                       3501 Fairfax Drive\n                                       Arlington, VA. 22226\n\x0c"